Skip to content

Releases: zarf-dev/zarf

v0.18.0

27 Apr 04:42
v0.18.0
7c52e71
Compare
Choose a tag to compare

Video update below:

v0.18.0 Video Update

⚠️ Breaking changes

  • The gitops-service component in the Zarf Init Config has been renamed to git-server. Change your automation scripts from zarf init --components gitops-service to zarf init --components git-server

New Features

Fixes

Changes

New Contributors

Full Changelog: v0.17.0...v0.18.0

v0.17.0

31 Mar 14:39
bea1002
Compare
Choose a tag to compare

⚠️ This release contains breaking changes

What's Changed

New Contributors

Full Changelog: v0.16.2...v0.17.0

v0.16.2

22 Mar 06:59
v0.16.2
90da708
Compare
Choose a tag to compare

What's Changed

New Contributors

Known Issues

  • ARM is not fully supported yet (#386)
  • Image mutation and secrets are only used if zarf deploys the K8s resource, if a subsequent resource is deployed by a Gitops tool such as Flux or ArgoCD, those will not be mutated yet (#334)
  • The internal zarf registry and gitops server are not yet HA (#375, #376)

Full Changelog: v0.16.1...v0.16.2

v0.16.1

15 Mar 22:07
5868bb2
Compare
Choose a tag to compare

What's Changed

Known Issues

  • ARM is not fully supported yet (#386)
  • image mutation and secrets are only used if zarf deploys the K8s resource, if a subsequent resource is deployed by a Gitops tool such as Flux or ArgoCD, those will not be mutated yet (#334)
  • The internal zarf registry and gitops server are not yet HA (#375, #376)

Full Changelog: v0.16.0...v0.16.1

v0.16.0

12 Mar 00:56
v0.16.0
58e3cd5
Compare
Choose a tag to compare

What's Changed

New Contributors

Known Issues

  • ARM is not fully supported yet (#386)
  • image mutation and secrets are only used if zarf deploys the K8s resource, if a subsequent resource is deployed by a Gitops tool such as Flux or ArgoCD, those will not be mutated yet (#334)
  • The internal zarf registry and gitops server are not yet HA (#375, #376)

Full Changelog: v0.15.1...v0.16.0

v0.15.1

08 Mar 23:25
74b38bd
Compare
Choose a tag to compare
v0.15.1 Pre-release
Pre-release

What's Changed

  • Minor updates to improve debugging
  • Doc updates
  • Updates to examples
  • Better support around existing $KUBECONFIG env vars
  • Add a linter configuration
  • Add issue and pull request templates
  • CI automated test updates

Full Changelog

  • Make GitOps E2E test more robust + minor cleanup (#310)
  • Add big-bang-umbrella folder back to Zarf examples with a README that redirects the reader to the new repo that replaced it (#308)
  • Add zarf prepare docs (#314)
  • Normalize trace references for debug/trace output (#305)
  • Check for a $KUBECONFIG env-variable (#316)
  • fix: make fetch-release creates sync dir if not exists (#317)
  • Update Big Bang example (#327)
  • New Example - Istio with separately loaded TLS cert (#298)
  • Add issue templates (#336)
  • Create .golangci.yml (#349)
  • update postrender to validate secret contents (#331)
  • Add a pull request template (#353)
  • Update Contributor Guide & Add ADR docs (#356)
  • Fix pull request template (#358)
  • Pull Kubescape out of the Big Bang example (#362)
  • E2E test optimization for multi-distro support (#319)
  • Add k8s auth plugins (#368)
  • Upgrade Big Bang example to latest version (#346)

v0.15.0

09 Feb 17:08
9eb207e
Compare
Choose a tag to compare
v0.15.0 Pre-release
Pre-release

⚠️ Contains breaking changes. Please see release notes for details

What's Changed

  • Multi-distro support (Zarf Native Apply Work) #237
    • add arm64/generic arch support
    • adds in-memory embedded registry to serve registry image from "seed" config spec
    • add local-distro image injection support
    • handles helm charts install/upgrade/rollback/uninstall via helm directly
    • manages raw manifests as zarf-generated helm charts for helm-native management
    • add tunnel capability to access zarf endpoints without ingress config
    • auto-inject imagePullSecret into any service account zarf touches and any namespace default service account
    • auto-inject registry pull credentials into all namespaces for use by service accounts
    • allow multiple helm charts to be installed in the same namespace without conflict
    • flattens image collection to single tarball
    • remove root / linux requirements for zarf deployments
    • remove k3s install requirement
    • remove traefik component requirement
    • add K8s distro-detection and distro-specific seed image behaviors
    • document local registry per https://github.com/kubernetes/enhancements/tree/master/keps/sig-cluster-lifecycle/generic/1755-communicating-a-local-registry
    • reorganize logging, remove logrus, replace with pterm, add progress cli feedback
    • add support for stacking helm values files
    • normalize log levels: info, warn, debug, trace
    • update go mod deps
    • move zarf state to a k8s secret in the zarf namespace
    • support zarf destroy for 3rd-party clusters
    • move crane image cache to sub folder under home
    • add support for multiple users with htpasswd
    • add path key for git-based helm charts
    • remove need for PKI prompts on default init
    • add storage class tracking in zarf state for multi-distro compatibility
    • reduce code for init/deploy to the same function call
    • add command line aliases for the cli
    • vendor k9s into zarf to support multi-arch/multi-os
    • make more games for the game example to demonstrate multiple zarf connect in the same component
    • add zarf prepare find-images to lookup images for a zarf config to help with package creation
    • add zarf destroy --remove-components for removing zarf-installed charts outside of the zarf ns
    • add zarf connect 🦄 combined with a new svc label, zarf.dev/connect-name=🦄 to make dynamic app tunnels
  • Use /usr/sbin instead of /usr/local/bin to accommodate RHEL #300
  • Always respect the --confirm flag #297
  • The example "Big Bang Umbrella" (a.k.a. "Software Factory") was moved to its own repo. It is no longer being treated as an example, but the first of many pre-built Zarf packages for easy turn-key deployment of popular kubernetes-based tools.

v0.14.0

13 Dec 23:03
b2c7a26
Compare
Choose a tag to compare
v0.14.0 Pre-release
Pre-release

Until we finish migrating from Repo1 to GitHub the release artifacts can be found HERE.

⚠️ Contains breaking changes. Please see release notes for details

Known issues

  • Sometimes, usually after a zarf destroy, the .zarf-state.yaml and $HOME/.git-credentials files will get into a bad state, where the IP address / hostname is not present in the configuration, and zarf package deploy fails because it doesn't know where to push the docker images. This issue is resolved in v0.15.0 and can be mitigated on v0.14.0 by deleting .zarf-state.yaml and $HOME/.git-credentials (assuming there isn't other non-zarf stuff in it) after running zarf destroy. See #347 for more details.

What's Changed

  • Add .tool-versions file (#191)
  • Fix the Big Bang Core example to do GitOps correctly (#185)
  • Loosen Terraform version restriction in E2E tests (#199)
  • Doc updates (#198)
  • PR #196 did a bunch of stuff:
    • ⚠️ BREAKING: localhost is no longer a valid option for cluster ingress when initializing a zarf cluster. Instead you have to use a 127.0.0.1 or some other local ip found via ifconfig.
    • Add the ability to choose from what should be valid hostnames or IP addresses when running zarf init due to the above breaking change
    • Stop depending on 127.0.0.1 local bindings for the registry & gitops service. Fixes #193
    • Resolve outstanding issues with image hostname swapping. Fixes #18, #44, and #194
    • Adds before and after script options when defining a zarf.yaml with an optional retry flag
    • Add symlink to ZarfFile for creating links to places files
    • Add template boolean to ZarfFile to allow injection of zarf variables into text files
    • Adds a new zarf tool command to print out config schema and commit the output to the repo (will need to make a git hook or something later on)
    • Changes zarf destroy command to run any script that starts with zarf-clean instead of only running the k3s-remove script
    • Add new ZarfState and .zarf-state.yaml for persisting host information from zarf init to zarf package deploy
    • Remove all hard-coded logic for k3s install, now uses only standard zarf component features like everything else
    • Upgrades k3s from v1.21.2 to v1.21.6
    • Adds optional regex filter for when performing RecursiveFileList()
    • Adds more description to the components in zarf.yaml
    • Renames type ZarfConfig to ZarfPackage in the config pkg
    • Handful of general code organizing changes (moving yaml related functions to the ...../utils/yaml.go, etc.)
    • Expose execCommand() with stdout control
    • Move traefik to standalone component and drop the internal k3s install of traefik
    • Use the airgap tarball of K3s instead of manually listing images

v0.13.4

07 Dec 20:09
b370a77
Compare
Choose a tag to compare
v0.13.4 Pre-release
Pre-release

Until we finish migrating from Repo1 to GitHub the release artifacts can be found HERE.

What's Changed

  • You can now omit the @tag part when specifying git repos to load into the gitops service. When you omit the tag it brings over the entire repo. (#155)
  • Updated the Terraform version used in the E2E tests to v1.0.11 (#180)
  • The version of Zarf used to build a package is displayed when you inspect the package (#179)
  • Update zarf version to use all tags, not just annotated ones (#168)
  • Docs updates (#163, #172)

v0.13.3

09 Nov 01:43
0e71a67
Compare
Choose a tag to compare
v0.13.3 Pre-release
Pre-release

⚠️ Contains breaking changes

Until we finish migrating from Repo1 to GitHub the release artifacts can be found HERE.

What's Changed

⚠️ BREAKING: The private container registry that zarf init deploys now requires auth

Packages will need to include imagePullSecrets: in their pod manifests and a corresponding regcred. See the Kubernetes documentation for more information. Using the special string ###ZARF_DOCKERAUTH### in your manifests will be automatically picked up by Zarf during package deploy and replaced with a properly formatted auth string, which is the base64 encoded username:password

Here's an example of a valid Secret manifest for images that originated from Registry1 or DockerHub (K3s automatically redirects them to the private registry):

apiVersion: v1
kind: Secret
type: kubernetes.io/dockerconfigjson
metadata:
  name: private-registry
  namespace: my-cool-app
stringData:
  .dockerconfigjson: |
    {
      "auths": {
        "registry1.dso.mil": {
          "auth":"###ZARF_DOCKERAUTH###"
        },
        "docker.io": {
          "auth":"###ZARF_DOCKERAUTH###"
        }
      }
    }

Deploy remote packages

Now you can run zarf package deploy on remote packages.

Example:

# Naughty way
zarf package deploy https://example.com/some-package.tar.zst --insecure

# Good way
zarf package deploy https://example.com/some-package.tar.zst --shasum 15h1oi2h5ni1o2y5iunb1t25bui1t25gnu12n5

Full Changelog

Note: The v0.13.0, v0.13.1, and v0.13.2 releases were aborted due to a broken pipeline. This release replaces v0.13.0 with the only change being fixing the release pipeline. We do it this way because we believe artifacts should be immutable.

  • #93 - Add E2E test framework with Terratest
  • #91 - Simplify the Vagrant workflow when running the examples
  • #94 - Add framework for GitHub Actions with pull request chatops dispatching
  • #95 - Integrate the E2E tests with the GitHub Actions pipeline
  • #103 - Add Contributor Guide
  • #104 - Roll back changes to the Big Bang example NetworkPolicy CIDRs for better demo compatibility
  • #106 & #110 - Add more E2E tests
  • #112 - Add pre-commit hooks
  • #98 - Beginnings of an overhaul on the repo's documentation
  • #116 - Add zarf version command
  • #117 - Fix the Makefiles for compatibility with M1 Macs
  • #111 - Update the version of kubescape in the Big Bang Core example
  • #124 - Add "Get Started" documentation for running the Doom game example
  • #126 - Update Helm library to v3.7.0
  • #107 - Add check to make sure all components passed in --components flag exist
  • #135 - Add Zarf Components documentation
  • #128 - Add check for illegal characters in entered hostnames
  • #139 - Add flag for setting the log level
  • #147 - Unify to one go.mod to make VS Code happy
  • #151 - Run pre-commit run -a an the codebase
  • #143 - Add ability to deploy remote packages
  • #157 - Add Logging documentation
  • #156 - Remove unnecessary logging package and set log level in root
  • #158 - Update GitHub Actions pipeline to use the new robot account for Registry1
  • #144 - Add authentication to utility registry
  • #160 - Fix the GitLab release pipeline
  • #162 - Fix legacy E2E tests and remove them from critical path to cutting a release
  • #165 - Fix GitLab release pipeline dependency