Releases: kptdev/porch
Releases · kptdev/porch
api v1.0.0
Initial release of the API module
- Separate API types module by @mozesl-nokia in #1060
Contributors
mozesl-nokia
Assets 2
v1.5.11
What's Changed
- Cherry-Pick: Prune empty git subtrees after package deletion in subdirectories to 1.5 by @Catalin-Stratulat-Ericsson in #983
- Cherry Pick #989 - Fix latest=true flag handling in dbpackagerevision by @kushnaidu in #1000
- Cherry-pick: Add package resource file sizes to PackageRevision interface (#954) by @JamesMcDermott in #1015
- Cherry pick - Fix release workflow tag pattern to support multi-digit patch versions by @aravindtga in #1021
- Update dbpackagerevision.go to use pr.deployment - missed during cherrypick of #509 by @kushnaidu in #1023
- Manual Cherry pick - Change references to Nephio to kptdev by @aravindtga in #1025
Full Changelog: v1.5.9...v1.5.11
Contributors
aravindtga, kushnaidu, and 2 other contributors
Assets 8
v1.5.10
What's Changed
- Cherry-Pick: Prune empty git subtrees after package deletion in subdirectories to 1.5 by @Catalin-Stratulat-Ericsson in #983
- Cherry Pick #989 - Fix latest=true flag handling in dbpackagerevision by @kushnaidu in #1000
- Cherry-pick: Add package resource file sizes to PackageRevision interface (#954) by @JamesMcDermott in #1015
- Cherry pick - Fix release workflow tag pattern to support multi-digit patch versions by @aravindtga in #1021
- Update dbpackagerevision.go to use pr.deployment - missed during cherrypick of #509 by @kushnaidu in #1023
- Manual Cherry pick - Change references to Nephio to kptdev by @aravindtga in #1025
Full Changelog: v1.5.9...v1.5.10
Contributors
aravindtga, kushnaidu, and 2 other contributors
Assets 8
v1.5.9
Highlights
Improvements to Porch scalability, security updates for Open Telemetry and some minor bug fixes.
What's Changed
- Backport of #498 by @nagygergo in #499
- Cherry pick #504 - Scalability Improvements 5: CLI Improvements by @kushnaidu in #529
- Cherry pick of #516 - Allow for connection pool configuration by @kushnaidu in #528
- 503 backport by @nagygergo in #531
- Backport #500 by @nagygergo in #533
- Fix watch recovery after connection failures by @kushnaidu in #527
- Backport #519 and #528 version bumping PRs to 1.5 branch by @liamfallon in #534
- Cherry Pick multiple field selector bugfix to 1.5 by @Catalin-Stratulat-Ericsson in #538
- cherrypick #509 - the DB cache should handle it as a single database query by @kushnaidu in #550
- Cherry pick #551 - chore: update kpt version to v1.0.0-beta.62.1 (#551) by @aravindtga in #556
- Cherrypick: Removing ability to Watch on PackageRevisionResources (#553) to 1.5 branch by @Catalin-Stratulat-Ericsson in #559
- Cherrypick #502 - Store kptfile meta in the DB for PackageRevision queries by @kushnaidu in #560
- Cherry pick #1102 - Fix upgrade CLI to run get to find package revision (#547) by @kushnaidu in #552
- Scalability Improvements 9: During porch-server startup, background.go based repository sync should allow for synchronising multiple repositories at once. by @kushnaidu in #543
- Allow watches to run against a streaming DB list by @nagygergo in #567
- Cherrypick #536 - Move deletion validation out of the webhook and into delete request validations by @kushnaidu in #565
- Cherrypick #539 - Fix timezone mismatch in Porch, which is causing resource conflicts by @kushnaidu in #568
- Add cache-wide rate limiting to db cache syncs by @nagygergo in #574
Full Changelog: v1.5.8...v1.5.9
Contributors
aravindtga, nagygergo, and 3 other contributors
Assets 8
v1.5.8
Highlights
Allow storage of draft PackageRevision resources when the mutation pipeline is failing
It is now possible to ask Porch to save the resources of a Package Revision even if the mutation pipeline of the draft PR fails. See the
Persisting Resources on Render Failure section in the documentation.
Multiple parallel KRM function evaluator pods for the same KRM functions
Note
This feature supports only 1 replica of function-runner.
Multiple KRM function evaluator pods can now share the load of running KRM functions
Disaster Recovery Test Suite
5 scenarios covered:
- Total disaster
- K8s cluster's disaster
- Porch server restart
- Porch database cache is lost
- Porch database cache is restored to a previous point in time
Prevent deletion of upstream package if it has children
Porch now prevents you from deleting a PR if it is an upstream PR of another PR.
Note
This will cause a performance degradation on Package Revision deletes because the code will have to search every package
revision inside the name space to see if the package revision that's being deleted is used as an upstream.
What's Changed
- Fix Porchctl release CI job kpt version by @aravindtga in #476
- #998: Do not allow deletion of a PR that is an upstream PR of a cloned PR by @kushnaidu in #453
- Add dynamic package revision count expectations in disaster-recovery test suite by @JamesMcDermott in #477
- Fix wrapper-server binary path for non-root container migration by @aravindtga in #478
- Go and kpt setup moved into a reusable composite action by @aravindtga in #479
- Multiple parallel KRM function evaluator pods for the same KRM functions by @dgyorgy-nokia in #336
- Add porch.kpt.dev/push-on-render-failure annotation support to packagerevision by @aravindtga in #467
- Wait for (DB) cache within the code instead of using initcontainer by @mozesl-nokia in #473
- Documentation: Add porch.kpt.dev/push-on-render-failure annotation behavior by @aravindtga in #483
- Fix update validations so it gracefully handles reuqests sent by older clients by @nagygergo in #488
- Docs - adding back missed documentation of the function runner pod templating configuration by @Catalin-Stratulat-Ericsson in #486
- Add instructions for cleaning PRs prior to human review by @liamfallon in #481
- Enable go-git caching for filesystem references by @nagygergo in #368
- gRPC vuln fix by @efiacor in #490
- Track error in cli as a workaround to avoid the retry library bug by @kushnaidu in #489
- Other vuln fixes by @efiacor in #491
- Cherry-Pick #497 - Update pod evaluator to use round-robin to delegate work to krm functions by @kushnaidu in #508
Full Changelog: v1.5.7...v1.5.8
Contributors
aravindtga, nagygergo, and 7 other contributors
Assets 8
v1.5.7
This pre-release is done to make the fixes for CVE-2025-61732 and CVE-2025-68121 available.
Highlights
- Logging improvements
- Security fixes to address CVEs, standardize alpine versions, upgraded golang, golangci-lint and mockery to latest.
- Binary files are silently ignored rather than causing errors in DB Cache
- Robustness changes around PANIC handling
What's Changed
- Skip binary files in DB cache sync by @thc1006 in #437
- incrementing porch latest version + README redirect to new documentation by @Catalin-Stratulat-Ericsson in #450
- Address gosec errors by @efiacor in #452
- Standardize Alpine version across all Dockerfiles by @aravindtga in #449
- Refactor Porch to remove all cloned kpt code by @liamfallon in #411
- Run containers as non-root user for improved security by @aravindtga in #451
- Remove unused "package" functions from Porch by @liamfallon in #440
- Fix boilerplate YEAR on generated code by @liamfallon in #391
- Add setup script for disaster-recovery testing environment by @JamesMcDermott in #367
- Add disaster-recovery test suite by @JamesMcDermott in #454
- security: upgrade golang to 1.25.7 to fix CVE-2025-61732 by @liamfallon in #457
- Add OTEL Autoexports to Porch components by @nagygergo in #310
- Standardize Golang version across all Dockerfiles by @aravindtga in #455
- Fix panic when listing packages with missing repository in cache by @kushnaidu in #459
- Fix e2e image build job by @efiacor in #464
- Document disaster-recovery test suite by @JamesMcDermott in #463
- Add OTEL environment variables to launch.json by @kushnaidu in #466
- Logging Improvements by @Catalin-Stratulat-Ericsson in #460
- Bump golangci-lint to v2.10.1, mockery to 3.6.4, and fix whitespace by @aravindtga in #469
- Disaster-recovery suite - if kubeconfig for Porch cluster doesn't exist, run setup script by @JamesMcDermott in #472
- Remove use of porch Clientset by @efiacor in #471
- Cherry pick the contents of PR 465 to main by @liamfallon in #474
Full Changelog: v1.5.6...v1.5.7
Contributors
aravindtga, nagygergo, and 6 other contributors
Assets 8
v1.5.6
This is the Porch release for Nephio R6. The detailed changes are listed below.
Highlights
- Porch documentation completely rewritten
- Multi porch repo on a single git repo is supported correctly
- Make labels and annotations in the Kptfile accessible on kubernetes queries
- Async notification is issued for latest PR being deleted
- End to End tests completely refactored
- Removal of first tranche duplicated kpt code
- CVE Upgrade go version to v1.25.6 to fix CVE-2025-61729
- Use context-aware database methods for tracing propagation
New Contributors
- @r-yabyab made their first contribution in #388
- @aravindtga made their first contribution in #396
- @thc1006 made their first contribution in #398
- @matdome made their first contribution in #438
What's Changed
- Cleanup OWNERS file by @efiacor in #382
- Return error immeditely in function-runner if image doesn't exist by @kushnaidu in #381
- Remove CI presubmits from push to main by @efiacor in #383
- Add pkgrev finalizer removal by @efiacor in #376
- Send an async update notification to the next latest revision if the existing latest package revision is deleted by @kushnaidu in #380
- Remove gcp bp dependency by @efiacor in #379
- Disallow package creation inside an existing package by @lapentad in #373
- Refactor e2e suite and cleanup by @efiacor in #384
- Implement watch for packagerevisionresources by @r-yabyab in #388
- Porting docs back to porch repo by @Catalin-Stratulat-Ericsson in #387
- Make labels and annotations in the Kptfile accessible via the PackageRevision object by @mozesl-nokia in #375
- Support registration of multiple Porch repositories pointing to the same Git repository, and add webhook validation to detect and handle conflicts during repository creation by @kushnaidu in #335
- Fix git.go compile error after 335 and 375 merge by @kushnaidu in #395
- Remove internal kpt options and types, use kpt library instead by @aravindtga in #396
- Use the kptdev/kpt types instead of the Porch identical cloned types by @liamfallon in #390
- Switch from cloned krm-functions-sdk to kptdev/krm-functions-sdk by @liamfallon in #392
- Add wait to TestPodEvaluator by @nagygergo in #389
- Fix 'test-e2e-clean' make target by @aravindtga in #394
- Fix klog depth consistency in packagePrinter for accurate source location reporting by @aravindtga in #397
- Update E2E test entrypoints to use api subdirectory by @aravindtga in #393
- Cleanup after PR #375: rename function and consolidate tests by @thc1006 in #398
- #1008 - nil object in watch event causes api-server to report errors by @kushnaidu in #399
- Use the kptdev pkg/lib/errors and pkg/lib/builtin modules and delete cloned Porch modules by @liamfallon in #404
- Remove cloned krm functions and use kptdev/krm-functions-catalog krm functions by @liamfallon in #400
- Sync E2E CI kpt version with go.mod by @aravindtga in #407
- Skip CI when only docs changed by @efiacor in #415
- Add summary job for docs skip mech by @efiacor in #419
- Add check-change job for ci by @efiacor in #421
- new main page by @Catalin-Stratulat-Ericsson in #412
- Fix upgrade packageRevision filtering by @kushnaidu in #416
- #1025 Improve git push retries and it's logging by @kushnaidu in #408
- Improve cached dir initialization by @kushnaidu in #401
- Force netlify previews always by @efiacor in #427
- adding docs landing page and removing old template by @Catalin-Stratulat-Ericsson in #413
- Adding landing page for guides section by @Catalin-Stratulat-Ericsson in #424
- cleaned up glossary by @Catalin-Stratulat-Ericsson in #428
- Refactoring Installation Section by @Catalin-Stratulat-Ericsson in #423
- Upgrade go version to v1.25.6 by @efiacor in #422
- Use context-aware database methods for tracing propagation by @thc1006 in #405
- Add hugo build data to gitignore by @efiacor in #430
- Add allowWatchBookmarks feature to packagerevision/resources watcher by @kushnaidu in #431
- Revamped porch overview section by @Catalin-Stratulat-Ericsson in #414
- Add Config & Deploy sections by @efiacor in #433
- Adding cache documentation by @Catalin-Stratulat-Ericsson in #432
- Adjust mockery container image tag by @matdome in #438
- Created cli and api reference guide by @Catalin-Stratulat-Ericsson in #426
- Add Porch disaster-recovery document by @JamesMcDermott in #429
- Reworking the concepts section by @Catalin-Stratulat-Ericsson in #417
- Adding Controller Documentation by @Catalin-Stratulat-Ericsson in #436
- Adding Function Runner Documentation by @Catalin-Stratulat-Ericsson in #439
- Adding Api Server Documentation by @Catalin-Stratulat-Ericsson in #441
- Removing Best Practices & Security Sections by @Catalin-Stratulat-Ericsson in #443
- Documenting the porch engine by @Catalin-Stratulat-Ericsson in #402
- Docs Minor Patches by @Catalin-Stratulat-Ericsson in #445
- Docs relrefs by @Catalin-Stratulat-Ericsson in #444
- Adding contribution guide by @Catalin-Stratulat-Ericsson in #434
- Docs - Minor Fixes in Porch Engine by @aravindtga in #446
- Fixing minor issues with Main Page by @Catalin-Stratulat-Ericsson in #448
- Removing Old Documentation + Fixing 2 Stub Introduction Pages by @Catalin-Stratulat-Ericsson in #447
Full Changelog: v1.5.5...v1.5.6
Contributors
r-yabyab, aravindtga, and 10 other contributors
Assets 8
v1.5.5
This release is v1.5.5 of Porch and is a Release Candidate of Porch for Porch R6.
- Git repo connectivity check optimization
- Small fixes to prevent overlapping PRs in subpackages and prevent double entries of package contexts in PRs
- Resturcturing of end to end tests
- Refactoring of API imports and removal of unused strategies from the clone task
What's Changed
- Fix duplicate package lists, add missing path for dbcache, and set kind k8s request-timeout to 5m by @kushnaidu in #357
- Replace kpt repo in TestGitRepositoryWithReleaseTagsAndDirectory to make the test stable by @kushnaidu in #358
- Bump golang.org/x/crypto from 0.43.0 to 0.45.0 by @dependabot[bot] in #359
- Make imports of the Porch API consistent across the go codebase by @liamfallon in #340
- Make porch cache-type configurable by @efiacor in #346
- Refactor out 3pp fn-runner suite by @efiacor in #360
- Improve mutex handling in git.go and add log completion for API calls by @kushnaidu in #363
- Fix mutexes in cache entrypoint by @kushnaidu in #369
- Remove use of platkrm/test-blueprints from e2e suite by @efiacor in #361
- Remove addition of "package-context.yaml" to sub-packages in a PackageRevision by @liamfallon in #364
- Prevent "main" branch creation for subpackages in Porch by @lapentad in #366
- Revert mutex changes in git.go and cr-cache by @kushnaidu in #372
- Revert mutex changes db openRepository by @kushnaidu in #374
- Refactor e2e workflows to 1 matrix by @efiacor in #365
- Move git connectivity check into background.go by @kushnaidu in #370
- Removed strategies from clone task by @lapentad in #371
- Ignore git connectivity failure for branch doesn't exist if createBranch is set to true by @kushnaidu in #377
Full Changelog: v1.5.4...v1.5.5
Contributors
dependabot, liamfallon, and 3 other contributors
Assets 8
v1.5.4
Welcome to the v1.5.4 pre-release of Porch.
Note
Porch switches to the kptdev version of kpt in this release. All kpt imports, KRM catalog functions, and the KRM functions SDK are used from kptdev. The GoogleContainerTools version of kpt is no longer used.
Important
Porch will only support 1.30+ k8s distributions from this release on. We have updated the versions of Kubernetes dependencies used in Porch
New Features
Per repository synchronization
- Individual repository sync configuration can now be specified in the Repository CRD
- A one-time synchronization can be set directly on the Repository CR or ordered with a new
porchctl repocommand - Introduced a new mechanism for changing Repository CR status when reconciliation is in progress
- list-timeout-per-repo default value increase to 20 seconds.
- fetchRemoteRepositoryWithRetry parameter introduced, with a default value of 4
- New CLI command for Repository synchronization added and new parameter added for Repository registration to set a synchronization cron schedule.
- Sync handler introduced as a common interface between CR and DB cache.
What's Changed
- Remove Patch leftovers from API by @liamfallon in #316
- Run repo refresh from background.go only when CR is modified by @kushnaidu in #315
- DB Cache: Implement package filtering by @liamfallon in #317
- Split dev & prod docker build-push actions by @efiacor in #318
- Porchctl: Upgrade fallback when there is no original edit task by @lapentad in #320
- Add a generic PR template by @efiacor in #319
- Postgres image update to new Bitnami repository by @JamesMcDermott in #322
- Rewrite DB cache tests to use testify test suite by @mozesl-nokia in #321
- Bump go version to 1.25 by @efiacor in #323
- Fix porch release gh actions by @efiacor in #324
- Update mockery to v3 by @lapentad in #327
- Add verbose level 3 for listPackageRevision calls by @kushnaidu in #325
- chore: Cleanup error logging when can't delete webhook by @liamfallon in #329
- Refactor field-selector filtering for PackageRevision list operation by @JamesMcDermott in #273
- Replace multi line formatting to single line formatting for kpt logs by @kushnaidu in #326
- Fix background.go panic when cachedRepo is nil by @kushnaidu in #332
- Fix make generate target by @efiacor in #331
- Bump github.com/cloudflare/circl from 1.3.7 to 1.6.1 by @dependabot[bot] in #334
- Bump SonarSource/sonarqube-scan-action from 5.0.0 to 6.0.0 in /.github/workflows by @dependabot[bot] in #333
- Fix: make test target fail pipeline on test failures by @kushnaidu in #337
- Update go test to use porch user for dbcache tests by @kushnaidu in #338
- Bugfix bfs render by @lapentad in #339
- Fix stdout bug in upsert-db-cache-data by @efiacor in #344
- Refactor makefile and scripts setup by @efiacor in #342
- Convert Porch to use the github.com/kptdev version of kpt by @liamfallon in #343
- Aligned clone validation between client and server by @lapentad in #330
- Fix dev-gitea svc not ready failure by @efiacor in #345
- Revert gitea curl address to localhost by @efiacor in #348
- Remove .prow.yaml refs from workflows by @efiacor in #347
- Improve repository reconciliation to use cron based periodic syncs and introduce one time syncs by @kushnaidu in #328
- Update gitea dev setup to query healthz url and then create repos with a retry mechanism by @kushnaidu in #351
- Fix porchctl dev release workflow by @efiacor in #350
- Remove redundant apiserver validatingAdmissions flag by @efiacor in #349
- Add validation to disallow latest label changes and improve rpkg delete in dbcache by @kushnaidu in #352
- Increase e2e test repo ready context deadline by @liamfallon in #354
- Fix "make generate" make target by @liamfallon in #353
- Fix release workflow permissions by @efiacor in #356
New Contributors
- @dependabot[bot] made their first contribution in #334
Full Changelog: v1.5.3...v1.5.4
Contributors
dependabot, liamfallon, and 5 other contributors
Assets 8
v1.5.3
Highlights
- Update of PRs is replaced by Upgrade
- Parallel listing of PRs on repos
- Improvements to DB cache
- Kubernetes API server code cloned as a workaround
Incompatabilities
- New upgrade is incompatible with old update on porchctl and on API calls
What's Changed
- Ensure task list is single element, introduce upgrade task by @mozesl-nokia in #252
- Fix "svc already exists" errors while executing concurrent API calls by @kushnaidu in #295
- fix controller-runtime logger not set by @lapentad in #297
- Disable InferAssociativeLists, add more tests by @mozesl-nokia in #299
- Updated porch e2e tests to use service manifest from function pod template configmap by @gkumar78 in #285
- Fix custom CA bundle resolution by @mozesl-nokia in #296
- Workaround: Change kube-apiserver timeout for mutating operations by @nagygergo in #300
- Manually choose the upgrade strategy in porchctl by @lapentad in #301
- Update pkgRevUpdateDB to create row if it doesn't exist or update it for main pkgRev by @kushnaidu in #304
- updating the porchctl cli help instructions & examples for the rpkg command by @Catalin-Stratulat-Ericsson in #291
- Fix force-delete-replace(merge Kptfile) and add filter to not copy comments for YTT(#@ and #!) by @kushnaidu in #302
- Added RemoveStaleItems in
copy-mergeby @lapentad in #306 - Increase genericapiserver and webhook server timeouts by @kushnaidu in #305
- Minor improvements to Porch by @liamfallon in #308
- Make parallel repository listing configurable + Porch server doesn't respond to PackageRevision queries if one of the registered git repositories fails by @rendre-greyling in #282
- Reintroducing Events for Approve & Delete Operations in DB Cache by @Catalin-Stratulat-Ericsson in #307
- DB Cache locks and creationTimestamp enhancements by @liamfallon in #309
- Fix missing Tasks List in db-cache, update wrapper-server and render logs by @kushnaidu in #313
- Fix porchctl rpkg get fails on a PR with a semantic workspace name by @liamfallon in #312
Full Changelog: v1.5.2...v1.5.3
Contributors
nagygergo, gkumar78, and 6 other contributors