Security Context Setting for Fission Installation
By default, Fission runs with the
default security context. This means that it will be run as root.
We have added settings in Helm chart for securityContext across all services in Fission.
You can enable recommended securityContext settings during Fission installation.
E.g. By settings values in fission installation through
executor.securityContext.enabled: true router.securityContext.enabled: true buildermgr.securityContext.enabled: true controller.securityContext.enabled: true kubewatcher.securityContext.enabled: true storagesvc.securityContext.enabled: true
We plan to make this setting default in the future.
Also, we have added recommended security context for builder and function pods.
runtimePodSpec.enabled: true builderPodSpec.enabled: true
If you want to patch the security context or any fields for podSpec which are common across all functions you can modify
- [issue-2401] Added pod security context for Fission Components #2449 (baba230896)
- Added support to set builder and fn pod specs via helm chart #2461 (blackfly19)
Enhancements in Storage Service
We have introduced a CLI to operate archives in Fission Storage Service. Please refer to Fission Archive CLI for more details.
- CLI to operate archives managed by Storage Service #2450 (blackfly19)
- Added variable to enable or disable archivePruner #2458 (blackfly19)
- Fix for archivepruner to delete files only from subdir #2456 (blackfly19)
Keda Nats JetStream Support
Please check documentation for Keda Nats JetStream Support.
- Jetstream Connector for Keda #109(neha-Gupta1)
- Handle error condition in jetstream connector #111(neha-Gupta1)
- add values for jetstream connector #2515 (neha-Gupta1)
- builder: Allow command with arguments via custom build options #2453 (shubham-bansal96)
- Ensure poolmanager fn address validation even if pod has active connections #2441 (blackfly19)
- Pods immediately terminate for idletimeout in new deployment and container executer type #2459 (shubham-bansal96)
- Avoid fission installation failure due to analytics connection error #2457 (shubham-bansal96)
- Upgraded controller-gen to remove status from fission CRDs #2454 (sanketsudake)
- Fix pre-check failure during new fission installation #2437 (shubham4443)
- Fixed help for ColdStarts metric in executor according to new labels #2446 (blackfly19)
- Update controller-tools to v0.9.2 #2467 (sanketsudake)
- OpenTelemetry package update to v1.7.0 #2466 (shubham-bansal96)
- Update github.com/opencontainers/runc dependency to 1.1.2 #2448 (blackfly19)
- Added fix to retrieve correct s3 urls #2465 (blackfly19)
- Increase time for port forwarding #2468 (shubham-bansal96)
- Package resource get stuck in Pending state when created without Fission CLI #2489 (shubham-bansal96)
- Prevent creating function of executor type container via fn create command #2486 (pranoyk)
- Upgrade Opentelemetry Libraries and adopt enhancements #2484 (sanketsudake)
- Generate package within 63 character limit when creating function #2482 (shubham-bansal96)
- Reestablish kakfa consumer group session on disconnection #2504 (sanketsudake)
- Ensure newdeploy function pod restart on referred configmap update #2528 (shubham-bansal96)
- Propogate context for prometheus queries via canaryconfig ops #2527 (sanketsudake)
- Dump labels and annotations for function via getmeta cli #2525 (nmiletic)
- allow two http trigger with no url and different prefix #2540 (neha-Gupta1)
- Add metric fission_mqt_message_lag for kafka mqt connector #2544 (shubham-bansal96)
- Fix dashboard linting workflow #2530 (kanuahs)
- Add Grafana dashboard linting workflow #2529 (kanuahs)
- Add cosign binary and image signing to release workflow. #2547 (kanuahs)
- Fix helm chart dashboard configmap template #2546 (kanuahs)
- Add ServiceMonitor additional labels and PodMonitor #2541 (kanuahs)
- Add grafana dashboards and configmap creation for auto provisioning #2519 (kanuahs)
- Add endPoint property description #2518 (Tri0L)
- Add Github actions release CI #2505 (kanuahs)
- Upgrade alpine version from 3.15 to 3.16 #2480 (shubham-bansal96)
- Remove CRD generation from release workflow #2513 (kanuahs)
- Update keda connector versions #2512 (neha-Gupta1)
- Update go dependencies to latest and actions used in workflows #2510 (sanketsudake)
- Update go-restful libraries #2509 (sanketsudake)
- Update kubernetes and opentelemetry dependencies #2507 (sanketsudake)
- Use sig.k8s.io/yaml instead of ghodss/yaml #2506 (sanketsudake)
- Update Go version 1.19 #2523 (sanketsudake)
- Change default branch to main across repository #2514 (sanketsudake)
- Generate fission code using code-generator from upstream 1.25 release #2534 (sanketsudake)
- HTTPTrigger/Route creation from Fission CLI is deprecated. Use
fission route createinstead. PR #2171
- We have deprecated
Spec.Methodin HTTPTrigger since 1.13.0, please use
Azure Storage Queue and Nats traditional connector
With the addition of KEDA connectors, we have removed the following connectors type fission.
- Remove deprecated Fission Azure Storage Queue connector #2404 (sanketsudake)
- Remove deprecated Fission Nats connector #2403 (sanketsudake)
Prometheus chart dependency
We have removed the prometheus dependency because it’s not required by default by fission. If you want to use canary functions or checkout fission metrics, we recommend using prometheus-community/prometheus or prometheus-community/kube-prometheus-stack.
- [helm chart] Remove prometheus chart dependency from Fission #2371 (sanketsudake)
Opentracing support removed
With addition of OpenTelemetry, we have removed OpenTracing instrumentation. Since OpenTelemetry is a superset of OpenTracing, we recommend using OpenTelemetry for tracing.
- cleanup: Remove Opentracing support as no active users #2196 (sanketsudake)
- removed unused reference of TRACING_SAMPLING_RATE #2498 (shubham-bansal96)