Releases: weaveworks/weave-gitops
Releases · weaveworks/weave-gitops
0.39.0-rc.1 Rising Phoenix
⚠️ Breaking changes
This release does not support Kubernetes versions below K8S 1.31.1 and is strictly compatible with flux 2.4.0 onwards.
💸 Features and improvements
- Added support for Flux 2.4.0 to take advantage of the latest features and improvements.
- Updated UI to the latest React and MUI versions to improve performance and user experience, as well as fix security vulnerabilities.
- Updated all backend dependencies to the latest versions to address security concerns and improve stability.
- A new documentation domain has been made available to improve user experience and make finding the information you need easier.
- Deprecated support for Flux versions before v2.4.0 to ensure compatibility with the latest features and improvements and ease of maintenance for future releases by a smaller team of maintainers.
- Added feature toggling to enable OpenTofu compatibility.
🔧 How to Test:
- Download the release candidate from the link above.
- Follow the installation guide to set it up.
- Report any issues or feedback on our GitHub Issues page.
Flux compatibility
| Flux version | Minimum required |
|---|---|
v2.4 |
>= 2.4.0 |
For Flux migrations to v2.0, see the documentation for flux.
Kubernetes compatibility
| K8S version | Minimum required |
|---|---|
>=1.31.x |
>= 1.31.0 |
Contributors
Gratitude to the following developers for making this release candidate possible:
erikgb
tenstad
mproffitt
gusevda
casibbald
bigkevmcd
makkes
foot
enekofb
No amount of thanks is sufficient to show gratitude to all the previous contributors who got the product to where it was before this release; we stand on the shoulders of giants!
What's Changed
- Update LICENSE to Apache 2 by @bigkevmcd in #4201
- Make pipeline green again by @casibbald in #4207
- CI: temporarily disable docs until algolia key issue is addressed by @casibbald in #4211
- build(deps): Bump follow-redirects from 1.15.2 to 1.15.9 in /website by @dependabot in #4212
- build(deps): Bump github.com/golang-jwt/jwt/v4 from 4.5.0 to 4.5.1 by @dependabot in #4208
- build(deps): Bump webpack from 5.76.1 to 5.94.0 in /website by @dependabot in #4213
- build(deps): Bump micromatch from 4.0.5 to 4.0.8 in /website by @dependabot in #4214
- build(deps): Bump github.com/hashicorp/go-retryablehttp from 0.7.5 to 0.7.7 by @dependabot in #4215
- build(deps): Bump http-proxy-middleware from 2.0.6 to 2.0.7 in /website by @dependabot in #4210
- build(deps): Bump google.golang.org/grpc from 1.58.2 to 1.58.3 by @dependabot in #4184
- build(deps): Bump github.com/cloudflare/circl from 1.3.3 to 1.3.7 by @dependabot in #4185
- build(deps): Bump webpack-dev-middleware from 5.3.3 to 5.3.4 in /website by @dependabot in #4199
- build(deps): Bump express from 4.18.2 to 4.21.1 in /website by @dependabot in #4216
- Revert me when target is ready - temporarily disable image upload by @casibbald in #4218
- revert-me when new ossf is available by @casibbald in #4219
- charles | revert-me when new ossf is available [1] by @casibbald in #4220
- build(deps): Bump braces from 3.0.2 to 3.0.3 in /website by @dependabot in #4217
- CI: testing bumping proto by @casibbald in #4221
- Ensure health status for custom resources implementing kstatus by @erikgb in #4192
- Dont sitemap versions by @enekofb in #4112
- Helm: Add namespace to all resources by @megum1n in #4195
- Upgrade flux to 2.4.0 by @weave-gitops-bot in #4232
- renable osf by @casibbald in #4233
- Support flux 2 4 0 by @casibbald in #4230
- fix: GetInstalledDashboard should support nil Chart by @erikgb in #4236
- Fix scorecard workflow by @makkes in #4239
- fix: audit errors around nanoid by @casibbald in #4242
- fix: test pinned dependencies by @casibbald in #4244
- Fix FOSSA errors by @casibbald in #4234
- Fix golang x crypto by @casibbald in #4245
- Fix go jose dep in mockoidc by @casibbald in #4247
- Additional go-jose dependency update by @casibbald in #4248
- New fossa key by @casibbald in #4249
- Codeql adhere to1.n.p syntax fixes by @casibbald in #4250
- Fossa securty CVE warnings by @casibbald in #4251
- Update badge links for new free FOSSA account by @casibbald in #4252
- Update urls to weaveworks.org by @casibbald in #4253
- Update email address by @casibbald in #4254
- Add go report by @casibbald in #4255
- [Snyk] Security upgrade axios from 0.28.1 to 1.7.8 by @casibbald in #4256
- [Snyk] Security upgrade axios from 0.28.1 to 0.29.0 by @casibbald in #4257
- Adding parcel and commander by @casibbald in #4258
- Fix Non-linear parsing of case-insensitive content in golang.org/x/ne… by @casibbald in #4259
- Make docs great again by @casibbald in #4260
- Update to use github pages by @casibbald in #4266
- chore: remove package lock (in favor of yarn.lock) by @tenstad in #4267
- test removal of extra slash by @casibbald in #4268
- Fix extra slash by @casibbald in #4269
- chore: run yarn install to update yarn.lock by @tenstad in #4272
- chore: cleanup package.json by @tenstad in #4273
- fix workflow by @casibbald in #4274
- chore(deps): upgrade docusaurus to v3 by @tenstad in #4270
- chore: fix yarn lock file by @tenstad in #4275
- revert: docusaurus v3 by @tenstad in #4279
- build from branch by @casibbald in #4278
- chore(deps): upgrade docusaurus to v3 by @tenstad in #4280
- fix: upgrade/migrate buf to latest release (1.48.0) by @erikgb in #4283
- ci: don't run FOSSA job in forks by @erikgb in #4285
- ci: enable Trivy vulnerability scanning by @erikgb in #4291
- ci: enable Dependabot for GH actions upgrades by @erikgb in #4292
- chore: node 22 by @tenstad in #4290
- chore: website node 22 by @tenstad in #4295
- chore: remove jest 29 resolution by @tenstad in #4284
- chore: don't delete *.iml (IDEA module) files on 'make clean' by @erikgb in #4287
- fix: jest-fail-on-console by @tenstad in #4286
- chore: remove direct dependency to github.com/pkg/errors by @erikgb in #4293
- c...
Contributors
foot, casibbald, and 11 other contributors
Assets 20
v0.38.0
💸 Features and improvements
- A new command
check oidc-configis introduced that validates a given OIDC configuration, either from a referenced Secret or from CLI flags. This will help users debug issues with Weave GitOps OIDC configuration as well as provide a way to validate a configuration before putting it on a cluster. - When suspending a Flux resource, a user can now add a reason to explain the suspension.
Flux compatibility
| Flux version | Minimum required |
|---|---|
v2.0 |
>= 2.0.0 |
For Flux migrations to v2.0 see flux or weave gitops documentation.
🚀 Enhancements
📖 Documentation
v0.37.0
💸 Features and improvements
- Improved Helm compatibility with OIDC providers such as GitLab or Azure, by allowing optional OIDC values.
- Bring back the anonymous access sidebar
- UI fixes for policy details pages around the description and how to solve fields.
Flux compatibility
| Flux version | Minimum required |
|---|---|
v2.0 |
>= 2.0.0 |
For Flux migrations to v2.0 see flux or weave gitops documentation.
🚀 Enhancements
- PR: #4143 - Add sidebar for anonymous access back.
- PR: #4139 - show suspended by annotations to metadata component
- PR: #4141 - UI | fix markdown editor overflow style
- PR: #4144 - Add note about lack of persistent storage.
- PR: #4119 - Allow optional OIDC values in Helm chart
📖 Documentation
- PR: #4132 - Fix website README
- PR: #4138 - add wge release notes for v0.32 to v0.3.60
- PR: #4133 - Add monitoring to object cleaner
- PR: #3917 - Add guides for common OIDC providers
- PR: #4137 - added docs suggestions while reviewing
- PR: #4136 - Add CLI bootstrap flux documentation
- PR: #4142 - added repo url examples in cli bootstrapping docs
- PR: #4113 - Docs: Keycloak OIDC Guide
v0.36.0
⚠️ Breaking changes
- GitOps Run has been removed from the
gitopscli.
💸 Features and improvements
- New standardised sync, suspend and resume buttons across the UI!
Flux compatibility
| Flux version | Minimum required |
|---|---|
v2.0 |
>= 2.0.0 |
For Flux migrations to v2.0 see flux or weave gitops documentation.
📖 Documentation
Uncategorized
- PR: #4099 - Update "No Dependencies" message with links to flux docs
- PR: #4079 - Add notification component
- PR: #4074 - Remove webkit-scrollbar css
- PR: #4096 - Generic sync/suspend/inventory listing
- PR: #4097 - Removes GitOps Run references from docs
- PR: #4108 - Add some more redirects
- PR: #4091 - Cleanup datatable
- PR: #4098 - Refactoring Status column
- PR: #4111 - fix: Remove GitOps Run CLI commands
- PR: #4080 - Standardize the sync/suspend/edit buttons
- PR: #4105 - build(deps): Bump google.golang.org/grpc from 1.51.0 to 1.56.3
- PR: #4116 - chore: Remove GitOps Run components
- PR: #4082 - build(deps): Bump @babel/traverse from 7.20.13 to 7.23.2 in /website
- PR: #4114 - Add new svg icon as CLusterDiscovery icon
- PR: #4123 - fix: Remove flag as source file has been deleted
- PR: #3846 - fix duplicate icons
- PR: #4122 - Reorders sidebar and fixes typos
- PR: #4090 - Refactor /inventory code to expose some helpers
- PR: #4126 - ci: Remove Slack notification to archived channel
v0.35.0
💸 Features and improvements
- Create Dashboard command supports Helm 'values' flags: PR: #3990
Thecreate dashboardcommand now accepts an additional--valuesflag which can be used to populate values for the Weave GitOps Helm chart. This allows users to customise the resulting HelmRelease resource, according to their needs.
We have also made minor changes in our CI workflows to make external contributions a little bit easier. Some workflows that required elevated permissions are now skipped for forks.
Finally, we have updated some of our UI libraries to protect against known vulnerabilities.
Flux compatibility
| Flux version | Minimum required |
|---|---|
v2.0 |
>= 2.0.0 |
For Flux migrations to v2.0 see flux or weave gitops documentation.
📖 Documentation
- PR: #4089 - Added profiling docs
- PR: #4093 - Adds clarification to WGE docs links from OSS
- PR: #4088 - update explorer docs with granular configuration
Uncategorized
- PR: #4078 - Remove test-connection.yaml
- PR: #4081 - Fix UI audit
- PR: #4083 - fix: Only run npm publish job on weave-gitops repo
- PR: #4085 - fix: Do not run for forks
- PR: #4086 - fix: Skip updating release status check in forks
- PR: #4084 - Add colors and exports for new EE pipelines UI
- PR: #4072 - Only build last 3 versions of user-guide for staging
- PR: #4087 - fix: Skip running job on forks
- PR: #4100 - fix: Partially revert #4046
v0.34.0
Flux compatibility
| Flux version | Minimum required |
|---|---|
v2.0 |
>= 2.0.0 |
For Flux migrations to v2.0 see flux or weave gitops documentation.
🚀 Enhancements
- PR: #4045 - fix: Update golang.org/x/net to address GO-2023-1988
- PR: #4055 - Standardize the column names on Events tabs
- PR: #4063 - upgrades postcss to address https://www.npmjs.com/advisories/1094239
🔥 UI
- PR: #4049 - Fix JSX/SVG warnings in DeliveryIcon
- PR: #3989 - UI - update tabs view
- PR: #4069 - Move header creation outside yaml view to allow for custom text
- PR: #4071 - override default tabs min-width at (600px) media query
🐛 Bugs
- PR: #4067 - Verified sources update to not display status "Pending" for objects where verification has not been set
- PR: #4066 - Fix hr related message appearing on ks
📖 Documentation
- PR: #4053 - docs: Update Acceptance policy
- PR: #4062 - docs: Bump dex chart version
- PR: #4034 - Add document on anonymous access.
Uncategorized
- PR: #4044 - Pin GitHub Actions versions - PR: #4046 - ci: Fix CI workflows to prevent script injection - PR: #4054 - ci: Run CodeQL analysis as part of CI - PR: #4056 - ci: Pin GitHub Actions versions - PR: #4058 - ci: Restrict permissions for GITHUB_TOKEN - PR: #4070 - Fixes staging-docsv0.33.0
Flux compatibility
| Flux version | Minimum required |
|---|---|
v2.0 |
>= 2.0.0 |
For Flux migrations to v2.0 see flux or weave gitops documentation.
🐛 Bugs
- PR: #4030 - Fix Suspend button width on Source details pages with short status message
- PR: #4022 - Fix the OIDC login button when using a RoutePrefix.
- PR: #4028 - Fix 'cluster not found' error when requesting source from automation
sourceRef - PR: #4009 - Preserve format when copy/paste yaml file
- PR: #4021 - Don't show errors if we cannot load
HelmReleasedetails (as its on another cluster viaspec.KubeConfig)
📖 Documentation
- PR: #4014 - Adds OpenSSF badge and updates user docs links
- PR: #3991 - Add GitOpsSets documentation.
- PR: #4031 - Removes error on Progressive Delivery page and adds info about UI views
- PR: #4037 - Resolves skipped backporting between versions 0.29.0 and 0.30.0
- PR: #4042 - Add templates to explorer supported kinds docs
Uncategorized
- PR: #4018 - ci: Add OpenSSF GH action
- PR: #4015 - Move Docs link from sidebar to top of page
- PR: #4026 - Document group and user prefix configuration.
- PR: #4025 - Import
ImageAutomationcomponents to be used in EE - PR: #4029 - Add noText prop to kubeStatusIndicator
- PR: #4035 - Link clusterName in image automation details
- PR: #4038 - Add text wrap to fit long term ex. progressive delivery
- PR: #4039 - Implement style updates to Alert
- PR: #4041 - Fixes the OIDC return_url param when a subpath is configured
v0.32.0
💸 Features and improvements
- Enables support for running weave-gitops under a subpath e.g. example.com/wego/ in the UI router
Flux compatibility
| Flux version | Minimum required |
|---|---|
v2.0 |
>= 2.0.0 |
For Flux migrations to v2.0 see flux or weave gitops documentation.
🚀 Enhancements
- PR: #3992 - UI works on subpaths
- PR: #4002 - Add Artifact Metadata section to OCI Repository detail pages
- PR: #4004 - Add Policies nav-item to the side nav
🐛 Bugs
- PR: #3987 - Fix the error could not not resolve module "node:os" from cosmiconfig preventing to build the UI
- PR: #3985 - fix Space in between buttons
- PR: #3984 - fix inconsistency in listing components
- PR: #3993 - Fix backporting gaps to prevent old docs versions from showing up in search
- PR: #3974 - Modify hook on verified status check
- PR: #3923 - Move stray Progressive Delivery text to related page
- PR: #3980 - predictable resolution for gitrepository gvk when v1 and v1beta2 exist
📖 Documentation
v0.31.2
⚠️ Breaking changes
This switches the storage from in-browser cookie storage, to using a session-based storage mechanism.
If you are running multiple replicas, you will run into issues with the lack of a shared session store.
This also means that when the gitops-server is restarted, the existing sessions will be lost (and will require that users can login again).
We are working to provide support for persistent session storage, and this will land in the next release.
💸 Features and improvements
With the switch to session-based storage, the issue where the ID Token was too big to be stored in a Cookie should be solved, this was commonly caused by Azure's use of UUIDs for groups in the OIDC groups claim.
Flux compatibility
| Flux version | Minimum required |
|---|---|
v2.0 |
>= 2.0.0 |
For Flux migrations to v2.0 see flux or weave gitops documentation.
🚀 Enhancements
- PR: #3667 - Improve feedback to user when objects aren't retrieved due to RBAC
- PR: #3946 - JWT cookie fetcher converted to session storage.
- PR: #3958 - Anonymous / No-auth mode
🔥 UI
- PR: #3953 - Add Flex with breakpoint prop
- PR: #3944 - Set static height on signin footer
- PR: #3962 - Refactor specificity for new dark mode color. And CSS enhancement to Sync Btn
- PR: #3951 - add new primary color to palette
📖 Documentation
- PR: #3964 - User docs cleanup
- PR: #3965 - docs: Add SECURITY.md
- PR: #3955 - User docs changes in WGE install guide, cluster mgmt pages
- PR: #3921 - Add Azure-related pages to user docs
Uncategorized
- PR: #3948 - Add DCO
- PR: #3954 - Weave GitOps Enterprise v0.30.0 Release Notes
- PR: #3959 - dashboard helmrepository apiVersion should be v1beta2 not v1
- PR: #3903 - fix npe when inventory object is nil
- PR: #3966 - fix: Moved security policy to the right place
- PR: #3968 - fix: Bump client-go version to 0.26.8
- PR: #3969 - Bump @adobe/css-tools from 4.0.1 to 4.3.1
v0.30.0
💸 Features and improvements
- UI token refreshing! OIDC token refreshing is now handled by the UI, this avoids unintentionally making multiple token requests to the OIDC provider. This old behaviour sometimes triggered rate limiting in OIDC providers, causing errors.
- UI polish including removing duplicate error messages and more consistency in headers and font sizes.
🔥 UI
- PR: #3927 - Filter duplicate error messages
- PR: #3842 - UI token refreshing
- PR: #3939 - Remove titles from detail pages for consistency
- PR: #3938 - update severity font size and edit violated policy column
📖 Documentation
- PR: #3941 - Fixes github-oauth link in Install WGE page
- PR: #3932 - Fix version in tf getting started guide
- PR: #3894 - Update docs with verified status
- PR: #3915 - Update video on main docs page
Uncategorized
- PR: #3830 - Bump tough-cookie from 4.0.0 to 4.1.3
- PR: #3904 - Updates user guide page names and links
- PR: #3933 - Add batch error handling to Notifications page
- PR: #3924 - WGE install pages updates
- PR: #3942 - Fixes WGE username field in installation guide
- PR: #3940 - Implement release locking to avoid publishing helm chart before container image