v1.27.0 Release Notes
Fission v1.27.0 release notes: zero-restart multi-namespace tenancy, invocation correlation and failure attribution, function debugging, and run-local.
Upgrade Notes
v1.27.0 adds multi-namespace tenancy and a function-developer observability toolkit. The new tenancy modes are opt-in — the default (tenancy.mode: static) renders byte-identical RBAC and keeps the existing master-key auth model, so a routine upgrade changes nothing for a single-namespace oradditionalFissionNamespacesinstall. Two runtime defaults do change visibly and are worth reviewing before you roll out. The minimum Kubernetes version is unchanged at 1.32.
For the general upgrade steps (CRDs, CLI, Helm chart), see the Upgrade Guide. The behavioral changes specific to v1.27.0 and the action each requires are below.
The router returns a structured JSON error body by default
A failed invocation that the router can attribute now returns a small JSON body — {component, reason, requestId, traceId, message} — instead of the previous plain-text error string, and a correlated X-Fission-Request-ID / X-Fission-Component header pair.
Status codes are preserved exactly, so any caller that only checks the response code is unaffected.
A client that parses the literal text of the old error body should be updated to read the JSON, or you can restore the exact legacy plain-text body by setting ROUTER_STRUCTURED_ERRORS=false.
Trace sampling now honors OTEL_TRACES_SAMPLER
The head sampler set in OTEL_TRACES_SAMPLER was previously ignored; it is now applied, so trace export aligns with the chart’s long-documented parentbased_traceidratio at 0.1.
This only matters if you have an OTLP exporter configured.
If you do, successful-trace export volume drops to the documented 10% rate while every error trace is still force-exported.
To restore 100% export, set OTEL_TRACES_SAMPLER=parentbased_always_on.
Deprecations/Removals
- The InfluxDB log driver (
fission function logs --dbtype influxdb) now prints an end-of-life warning when selected — InfluxDB v1.x is EOL. Use the defaultkubernetesdriver or the new Loki read path. - Minimum Kubernetes is unchanged at 1.32 (
kubeVersion: ">=1.32.0-0").
Highlights
- Multi-namespace tenancy — zero-restart onboarding with per-namespace isolation.
Adding a namespace no longer restarts the entire control plane or re-specializes every function (the root cause of #3298).
A new
tenancy.modevalue picks the posture:static(today’s env-seeded set, the default),dynamic(onboard a namespace with a cluster-scopedFissionTenantCR and the newfission tenantCLI, no restart), orcluster(auto-onboard every non-system namespace, for trusted single-tenant clusters). Dynamic and cluster modes derive a per-namespace HMAC key — the master key never leaves the control plane, so a compromised tenant can act only as itself — while keeping function pods (fetcher/builder) least-privilege in every mode. storagesvc also scopes archive content per namespace, so one tenant can no longer download or delete another tenant’s archive even if it learns the id; legacy bare-UUID archives are grandfathered with no migration. See Multi-namespace tenancy. - Invocation correlation and failure attribution.
Every invocation now carries a stable
X-Fission-Request-IDfrom the router through to the function pod, and a failed invocation tells the caller where it failed — a Fission component, the user’s function, a timeout, or a cold start — through a structured error body and a newfission_invocation_failures_total{component,reason}metric. Error spans are force-exported even when the base sampler would have dropped them, so failures are always traceable. - Function debugging toolkit —
fission function describe+ smartertest.fission function describe <name>is a single-pane health view answering “can I call this right now?” — invocability (warm-pod and EndpointSlice serving count), status conditions, package build status with the build log shown on a failed build, and the backing pods with aSERVEDcolumn.fission function testnow echoes the per-invocation request id and, on an attributed failure, renders a one-line diagnosis (✗ function "x" failed in executor (specialization_failed) — status 503, request abc). - Local development inner loop —
fission function run-local(alpha). Run a function locally in Docker against its real environment runtime image with no cluster round-trip, collapsing the edit→test loop to container start plus sub-second invokes. It supports all three executor types, hot reload (--watch), the builder leg for compiled languages (--build), Secret/ConfigMap and env injection (--secret/--configmap/-e), and a debugger bridge (--debug-port). See Local development with run-local. - Generic, OTLP-aligned logging read path.
The log-query path is now a pluggable driver registry with a Loki reference adapter alongside the default
kubernetesdriver, andfission function logsgains--request-id/--trace-id/--levelcorrelation filters plus real streaming--follow. Control-plane components can push their structured logs (carryingtrace_id) to an OTLP collector, and a per-invocation router access record is the correlation key that tiesfission function logs --request-id <id>together. See Logs with Loki and Function debugging.
Fixes
- storagesvc honors the S3 endpoint scheme and enables TLS for an
httpsendpoint instead of assuming plaintext. - Internal HTTP router (httpmux).
The router, executor, and storagesvc move onto a small internal mux (static +
{var}/{var:regexp}routes) and dropgorilla/mux, with an exact-route fast-path index and a WebSocket-detection fix. - Three latent bug fixes in a focused hardening pass: storagesvc no longer reports success after a truncated archive write (the close error was discarded), and the MCP token verifier and the InfluxDB response decoder no longer format a misleading
<nil>into their error messages. fission function podsREADY column printedtotal/ready(reversed); a 1-of-2-ready pod now correctly shows1/2.- Dependency hygiene — dropped the GPL-flagged
freetypefrom the build by isolating the benchmark module, replacedhashicorp/go-retryablehttpwith a stdlib retry transport, and moved WebSocket tests tocoder/websocket. - Helm chart published as 1.27.0, versioned independently from the app version.
Changelog
What’s Changed
- fix(storagesvc): honor scheme in S3 endpoint and enable TLS for https by @SAY-5 in https://github.com/fission/fission/pull/3499
- Multi-namespace tenancy: PRD + phased implementation (#3298) by @sanketsudake in https://github.com/fission/fission/pull/3497
- chore(deps): bump the go-dependencies group with 6 updates by @dependabot[bot] in https://github.com/fission/fission/pull/3496
- feat: namespace-scoped archive content isolation in storagesvc (RFC tenancy Phase 7) by @sanketsudake in https://github.com/fission/fission/pull/3500
- refactor(tenancy): single-source fetcher/builder RBAC across Go and Helm (Phase 6 base) by @sanketsudake in https://github.com/fission/fission/pull/3501
- feat(tenancy): opt-in tenancy.mode=cluster (watch-all) + tenancy config/code cleanup by @sanketsudake in https://github.com/fission/fission/pull/3502
- docs(tenancy): refresh multi-namespace status docs for the completed effort by @sanketsudake in https://github.com/fission/fission/pull/3503
- chore(deps): replace hashicorp/go-retryablehttp with a stdlib retry transport by @sanketsudake in https://github.com/fission/fission/pull/3505
- chore(deps): isolate test/benchmark into its own module to drop freetype (GPL-flagged) by @sanketsudake in https://github.com/fission/fission/pull/3506
- test(deps): move websocket tests from gorilla/websocket to coder/websocket by @sanketsudake in https://github.com/fission/fission/pull/3507
- ci(integration): serialise pod DNS A/AAAA queries to stop CoreDNS i/o-timeout flakes by @sanketsudake in https://github.com/fission/fission/pull/3509
- feat(httpmux): internal HTTP router (static + {var}/{var:regexp}) + pure-recorder metrics; migrate executor/storagesvc by @sanketsudake in https://github.com/fission/fission/pull/3510
- feat(router): migrate router onto httpmux; drop gorilla/mux (Phase 3) by @sanketsudake in https://github.com/fission/fission/pull/3512
- perf(httpmux/router): exact-route fast-path index + metrics alloc + websocket-detection fix by @sanketsudake in https://github.com/fission/fission/pull/3513
- refactor: simplify executor/CLI internals, harden error handling, fix 3 latent bugs by @sanketsudake in https://github.com/fission/fission/pull/3514
- RFC-0015: invocation correlation & failure attribution by @sanketsudake in https://github.com/fission/fission/pull/3515
- RFC-0016 (read path): logdb registry + Loki adapter + correlation filters by @sanketsudake in https://github.com/fission/fission/pull/3516
- RFC-0016 (collection): router per-invocation access record (external-collector model) by @sanketsudake in https://github.com/fission/fission/pull/3517
- test(rfc-0016): CI OTel Collector + Loki round-trip for the logging read path by @sanketsudake in https://github.com/fission/fission/pull/3518
- feat(cli): RFC-0017 — function debugging toolkit (describe + test enrichment) by @sanketsudake in https://github.com/fission/fission/pull/3519
- feat(cli): RFC-0016/0017 — streaming
logs --follow+ data-plane invocability in describe by @sanketsudake in https://github.com/fission/fission/pull/3520 - feat(otel): RFC-0016 — control-plane OTLP log push + collection-layer metrics by @sanketsudake in https://github.com/fission/fission/pull/3521
- RFC-0018:
fission function run-local— local-development inner loop (phases 0–5) by @sanketsudake in https://github.com/fission/fission/pull/3522 - chore(gomod): flatten require blocks into one direct, one indirect, one tool by @sanketsudake in https://github.com/fission/fission/pull/3523
- chore(release): prepare 1.27 by @sanketsudake in https://github.com/fission/fission/pull/3524
- chore(codegen): regenerate swagger docs for FissionTenant by @sanketsudake in https://github.com/fission/fission/pull/3525
New Contributors
- @SAY-5 made their first contribution in https://github.com/fission/fission/pull/3499
Full Changelog: https://github.com/fission/fission/compare/v1.26.0...v1.27.0