crossplane - v1.13.0

Security

The v1.13.0 release is a regular quarterly Crossplane release that focuses on security, quality, and investing in key feature areas to push the project forward in its maturity and reliability. Some highlights of this release include Ignore Changes, E2E Testing Framework, Security Audit performed by Ada Logic and facilitated by OSTIF, and sponsored by CNCF. See the report for more details.

More details about this release can be read in the Crossplane v1.13 blog post.

New Features

  • Ignore Changes alpha feature introduced by @lsviben. With supporting providers, you can now ignore certain changes that external systems may be making to the resources managed by Crossplane. This is an evolution of the Observe Only Resources API as it continues to mature towards Beta.

Notable changes

  • Introduced a new E2E testing framework and an initial set of test cases to ensure we don’t introduce regressions with future changes.
  • Security Audit is finished and issues found during this process are fixed.
  • Introduced resolve and resolution policies to Compositions’ environment (spec.environment.policy), allowing to ignore missing EnvironmentConfigs or use new ones added after the initial resolving of the environment selectors.

Breaking changes

  • BREAKING CHANGE: EnvironmentConfig label selection default behaviour is now to error out in case of multiple configs matching, old behaviour can be achieved by setting the selector mode to Multiple and maxMatch to 1.

What's Changed

  • Start v1.13 release cycle by @pedjak in https://github.com/crossplane/crossplane/pull/4015
  • Proposal: Break Up Large Providers by Service by @negz in https://github.com/crossplane/crossplane/pull/3939
  • Update github/codeql-action digest to 8662eab (master) by @renovate in https://github.com/crossplane/crossplane/pull/4021
  • Allow Provider service accounts access to all types within their family by @negz in https://github.com/crossplane/crossplane/pull/4010
  • Update github/codeql-action digest to f3feb00 (master) by @renovate in https://github.com/crossplane/crossplane/pull/4029
  • set xfn image tag in kind.sh by @lsviben in https://github.com/crossplane/crossplane/pull/4024
  • Prevent configuration jobs from running on forks by @bobh66 in https://github.com/crossplane/crossplane/pull/4030
  • Avoid listing CRDs in the RBAC manager by @negz in https://github.com/crossplane/crossplane/pull/4031
  • tests: parse timestamps before comparing them by @phisco in https://github.com/crossplane/crossplane/pull/4033
  • Add shortNames for resources by @bobh66 in https://github.com/crossplane/crossplane/pull/4028
  • Update dependency golang to v1.20.4 (master) by @renovate in https://github.com/crossplane/crossplane/pull/4039
  • Increase delay before closing stale issues to 14 days by @gberche-orange in https://github.com/crossplane/crossplane/pull/4020
  • feat: schema-aware readiness check validation by @phisco in https://github.com/crossplane/crossplane/pull/4011
  • feat: schema-aware validation of Environment Patches by @phisco in https://github.com/crossplane/crossplane/pull/4035
  • fix(alpha): readiness checks validation with multiple version by @phisco in https://github.com/crossplane/crossplane/pull/4045
  • added keystore support for custom functions auth by @AndrewChubatiuk in https://github.com/crossplane/crossplane/pull/3869
  • Update module github.com/docker/docker to v23.0.3+incompatible [SECURITY] (master) by @renovate in https://github.com/crossplane/crossplane/pull/4052
  • Update module google.golang.org/protobuf to v1.29.1 [SECURITY] (master) by @renovate in https://github.com/crossplane/crossplane/pull/4053
  • Update k8s.io/utils digest to 9f67429 (master) by @renovate in https://github.com/crossplane/crossplane/pull/4038
  • Update gcr.io/distroless/static Docker digest to 7198a35 (master) by @renovate in https://github.com/crossplane/crossplane/pull/4055
  • Update debian:bookworm-slim Docker digest to 2fd76b2 (master) by @renovate in https://github.com/crossplane/crossplane/pull/3854
  • Update github/codeql-action digest to 29b1f65 (master) by @renovate in https://github.com/crossplane/crossplane/pull/4056
  • chore: add helm and kind to renovate config by @phisco in https://github.com/crossplane/crossplane/pull/4064
  • feat(alpha): connection details schema-aware validation by @phisco in https://github.com/crossplane/crossplane/pull/4044
  • Add Grupo Boticario as a Adopter by @haooliveira84 in https://github.com/crossplane/crossplane/pull/4017
  • Update dependency helm/helm to v3.12.0 (master) by @renovate in https://github.com/crossplane/crossplane/pull/4068
  • Update dependency kubernetes-sigs/kind to v0.18.0 (master) by @renovate in https://github.com/crossplane/crossplane/pull/4069
  • Improve package dependency conflict error message by @turkenh in https://github.com/crossplane/crossplane/pull/4067
  • Update actions/setup-go digest to fac708d (master) by @renovate in https://github.com/crossplane/crossplane/pull/4073
  • Update codecov/codecov-action digest to eaaf4be (master) by @renovate in https://github.com/crossplane/crossplane/pull/4075
  • Update dependency kubernetes-sigs/kind to v0.19.0 (master) by @renovate in https://github.com/crossplane/crossplane/pull/4079
  • Add volume and volumeMount support to controllerConfig by @stevendborrelli in https://github.com/crossplane/crossplane/pull/4037
  • Refactor in-cluster auth into a ContainerFunctionRunnerOption by @negz in https://github.com/crossplane/crossplane/pull/4054
  • Drop CompositionRevision v1alpha1 by @negz in https://github.com/crossplane/crossplane/pull/4098
  • fix: remove ignored FromEnvironmentFieldPath for environment patches by @phisco in https://github.com/crossplane/crossplane/pull/4082
  • Update github/codeql-action digest to f0e3dfb (master) by @renovate in https://github.com/crossplane/crossplane/pull/4105
  • Add PITS Global Data Recovery Services to the list of adopters in https://github.com/crossplane/crossplane/pull/4096
  • Update github/codeql-action digest to 0225834 (master) by @renovate in https://github.com/crossplane/crossplane/pull/4109
  • Remove crun v1.5 distinction by @hasheddan in https://github.com/crossplane/crossplane/pull/4110
  • fix(alpha): schema-aware validation properly retrieving crds by @phisco in https://github.com/crossplane/crossplane/pull/4106
  • feat: composition's environment logical validation by @phisco in https://github.com/crossplane/crossplane/pull/4076
  • Fix typos and broken links in documentation by @maximiliantech in https://github.com/crossplane/crossplane/pull/4119
  • chore(renovate): disable non-security related k8s deps by @phisco in https://github.com/crossplane/crossplane/pull/4115
  • Update zeebe-io/backport-action action to v1.3.0 (master) by @renovate in https://github.com/crossplane/crossplane/pull/4121
  • fix: handle nil deletion policy as not being foreground by @phisco in https://github.com/crossplane/crossplane/pull/4120
  • Run RBAC manager in Basic mode by default by @negz in https://github.com/crossplane/crossplane/pull/4111
  • chore: bump go-containerregistry by @phisco in https://github.com/crossplane/crossplane/pull/4136
  • Clean up Helm chart documentation by @plumbis in https://github.com/crossplane/crossplane/pull/4134
  • Update github/codeql-action digest to 83f0fe6 (master) by @renovate in https://github.com/crossplane/crossplane/pull/4137
  • One-pager design for ignore changes on updates / granular management policies by @lsviben in https://github.com/crossplane/crossplane/pull/3822
  • Use a programmatic identifier as reason for Waiting condition. by @jeanduplessis in https://github.com/crossplane/crossplane/pull/4125
  • Composition's environment patches schema-aware validation by @phisco in https://github.com/crossplane/crossplane/pull/4083
  • Update golangci/golangci-lint-action digest to 5f1fec7 (master) by @renovate in https://github.com/crossplane/crossplane/pull/4140
  • Update golangci-lint to v1.53.1 by @hasheddan in https://github.com/crossplane/crossplane/pull/4142
  • Update dependency golangci/golangci-lint to v1.53.2 (master) by @renovate in https://github.com/crossplane/crossplane/pull/4143
  • Update debian:bookworm-slim Docker digest to e1a80fd (master) by @renovate in https://github.com/crossplane/crossplane/pull/4144
  • ci(fuzz): remove dry-run for fuzz tests by @phisco in https://github.com/crossplane/crossplane/pull/3949
  • Update aquasecurity/trivy-action action to v0.11.0 (master) by @renovate in https://github.com/crossplane/crossplane/pull/4148
  • Update dependency golang to v1.20.5 (master) by @renovate in https://github.com/crossplane/crossplane/pull/4151
  • feat: math transform supporting floats by @phisco in https://github.com/crossplane/crossplane/pull/3989
  • Clarify ControllerConfig deprecation message to reduce confusion by @jbw976 in https://github.com/crossplane/crossplane/pull/4124
  • Update all non-major github action (master) by @renovate in https://github.com/crossplane/crossplane/pull/4159
  • Update all non-major github action (master) by @renovate in https://github.com/crossplane/crossplane/pull/4167
  • feat: add matchCondition readinessCheck type and use as default by @phisco in https://github.com/crossplane/crossplane/pull/4107
  • Update all non-major github action (master) by @renovate in https://github.com/crossplane/crossplane/pull/4169
  • chore(Dockerfile): use COPY instead of ADD by @phisco in https://github.com/crossplane/crossplane/pull/4173
  • Update roadmap links to include info panel by @jbw976 in https://github.com/crossplane/crossplane/pull/4179
  • fix(xfn): close grpc connection with errors on options by @phisco in https://github.com/crossplane/crossplane/pull/4174
  • Return nil error when we successfully run a MatchCondition check by @negz in https://github.com/crossplane/crossplane/pull/4188
  • Update dependency kubernetes-sigs/kind to v0.20.0 (master) by @renovate in https://github.com/crossplane/crossplane/pull/4186
  • Update all non-major github action (master) by @renovate in https://github.com/crossplane/crossplane/pull/4177
  • Update dependency helm/helm to v3.12.1 (master) by @renovate in https://github.com/crossplane/crossplane/pull/4184
  • Update dependency golangci/golangci-lint to v1.53.3 (master) by @renovate in https://github.com/crossplane/crossplane/pull/4189
  • Update debian:bookworm-slim Docker digest to d8f9d38 (master) by @renovate in https://github.com/crossplane/crossplane/pull/4194
  • chore(renovate): enable PRs for all non-kubernetes dependencies by @phisco in https://github.com/crossplane/crossplane/pull/4133
  • Update module github.com/imdario/mergo to v0.3.16 (master) by @renovate in https://github.com/crossplane/crossplane/pull/4207
  • Update module github.com/sirupsen/logrus to v1.9.3 (master) - autoclosed by @renovate in https://github.com/crossplane/crossplane/pull/4208
  • Set provider condition on package fetch error by @sttts in https://github.com/crossplane/crossplane/pull/4205
  • Make upcoming release dates more approximate than an exact day by @jbw976 in https://github.com/crossplane/crossplane/pull/4211
  • Update module kernel.org/pub/linux/libs/security/libcap/cap to v1.2.69 (master) by @renovate in https://github.com/crossplane/crossplane/pull/4209
  • Update module golang.org/x/sync to v0.3.0 (master) by @renovate in https://github.com/crossplane/crossplane/pull/4216
  • rbac: add fuzzer by @AdamKorcz in https://github.com/crossplane/crossplane/pull/4202
  • rbac: add fuzzer for RenderClusterRoles by @AdamKorcz in https://github.com/crossplane/crossplane/pull/4201
  • Update module github.com/spf13/afero to v1.9.5 (master) by @renovate in https://github.com/crossplane/crossplane/pull/4213
  • Update module golang.org/x/sys to v0.9.0 (master) by @renovate in https://github.com/crossplane/crossplane/pull/4220
  • Update module google.golang.org/grpc to v1.56.0 (master) by @renovate in https://github.com/crossplane/crossplane/pull/4221
  • Make @bobh66 a maintainer by @negz in https://github.com/crossplane/crossplane/pull/4219
  • Add NASA SMCE and Navteca to Adopters by @dbarrous in https://github.com/crossplane/crossplane/pull/4231
  • fix(crank): copy to tar file one chunk at a time by @phisco in https://github.com/crossplane/crossplane/pull/4232
  • fix: limit xfn stdout and stderr by @phisco in https://github.com/crossplane/crossplane/pull/4217
  • Update module google.golang.org/grpc/cmd/protoc-gen-go-grpc to v1.3.0 (master) by @renovate in https://github.com/crossplane/crossplane/pull/4225
  • fix(xfn): set max layers number limit for images by @phisco in https://github.com/crossplane/crossplane/pull/4203
  • Update github.com/opencontainers/runtime-spec digest to 48415de (master) by @renovate in https://github.com/crossplane/crossplane/pull/4224
  • Update github/codeql-action digest to f6e388e (master) by @renovate in https://github.com/crossplane/crossplane/pull/4241
  • Update module google.golang.org/grpc to v1.56.1 (master) by @renovate in https://github.com/crossplane/crossplane/pull/4242
  • Bump goverter, buf to latest versions by @negz in https://github.com/crossplane/crossplane/pull/4243
  • Switch to the new dario.cat/mergo URL by @negz in https://github.com/crossplane/crossplane/pull/4240
  • Update module github.com/alecthomas/kong to v0.8.0 (master) by @renovate in https://github.com/crossplane/crossplane/pull/4244
  • Run xfn with unconfined AppArmor profile by @negz in https://github.com/crossplane/crossplane/pull/4245
  • Port E2E tests to kubernetes-sigs/e2e-framework by @negz in https://github.com/crossplane/crossplane/pull/4187
  • Pin mheap/require-checklist-action action to 6140835 (master) by @renovate in https://github.com/crossplane/crossplane/pull/4252
  • Don't require renovate to complete its checklist by @negz in https://github.com/crossplane/crossplane/pull/4253
  • Update module github.com/bufbuild/buf to v1.22.0 (master) by @renovate in https://github.com/crossplane/crossplane/pull/4262
  • Support -create-kind-cluster=false in E2E tests by @negz in https://github.com/crossplane/crossplane/pull/4255
  • Update all the runtimes by @negz in https://github.com/crossplane/crossplane/pull/4246
  • Helm Chart: add locks to the RBAC for pkg.crossplane.io by @darkmuggle in https://github.com/crossplane/crossplane/pull/4267
  • Update docker/setup-buildx-action digest to 16c0bc4 (master) by @renovate in https://github.com/crossplane/crossplane/pull/4276
  • Update module github.com/bufbuild/buf to v1.23.0 (master) by @renovate in https://github.com/crossplane/crossplane/pull/4285
  • Update module google.golang.org/protobuf to v1.31.0 by @negz in https://github.com/crossplane/crossplane/pull/4280
  • Update module github.com/bufbuild/buf to v1.23.1 (master) by @renovate in https://github.com/crossplane/crossplane/pull/4286
  • composition function types by @nullable-eth in https://github.com/crossplane/crossplane/pull/4282
  • Add registry option for xfn by @bobh66 in https://github.com/crossplane/crossplane/pull/4278
  • Update github/codeql-action digest to 004c5de (master) by @renovate in https://github.com/crossplane/crossplane/pull/4291
  • Update module golang.org/x/sys to v0.10.0 (master) by @renovate in https://github.com/crossplane/crossplane/pull/4295
  • tests: refactor e2e by @phisco in https://github.com/crossplane/crossplane/pull/4270
  • Update module google.golang.org/grpc to v1.56.2 (master) by @renovate in https://github.com/crossplane/crossplane/pull/4301
  • Update github/codeql-action digest to 46ed16d (master) by @renovate in https://github.com/crossplane/crossplane/pull/4300
  • Update docker/setup-buildx-action digest to 2a1a44a (master) by @renovate in https://github.com/crossplane/crossplane/pull/4303
  • Change /tmp folder permissions to allow write access by @ezgidemirel in https://github.com/crossplane/crossplane/pull/4304
  • fix: pull xfn images from registry configured with custom TLS certificate by @pedjak in https://github.com/crossplane/crossplane/pull/4261
  • feat(xrd): add labels and annotations by @fhopfensperger in https://github.com/crossplane/crossplane/pull/4310
  • guide-observability.md: don't record events on noops by @sttts in https://github.com/crossplane/crossplane/pull/4309
  • Update dependency golang to v1.20.6 (master) by @renovate in https://github.com/crossplane/crossplane/pull/4314
  • chore: rename error constants according to our standard by @phisco in https://github.com/crossplane/crossplane/pull/4313
  • Update ADOPTERS.md with SAP entry by @dee0sap in https://github.com/crossplane/crossplane/pull/4317
  • Make @phisco a Crossplane maintainer by @negz in https://github.com/crossplane/crossplane/pull/4318
  • Support selecting multiple environment configs by @P0t4T0o in https://github.com/crossplane/crossplane/pull/3981
  • Update docker/setup-buildx-action digest to 4c0219f (master) by @renovate in https://github.com/crossplane/crossplane/pull/4320
  • guide-observability.md: add error guidelines by @sttts in https://github.com/crossplane/crossplane/pull/4311
  • Update dependency helm/helm to v3.12.2 (master) by @renovate in https://github.com/crossplane/crossplane/pull/4325
  • Update module github.com/bufbuild/buf to v1.24.0 (master) by @renovate in https://github.com/crossplane/crossplane/pull/4326
  • Update github/codeql-action digest to 489225d (master) by @renovate in https://github.com/crossplane/crossplane/pull/4330
  • Add One-Pager for Deletion Ordering by @turkenh in https://github.com/crossplane/crossplane/pull/4215
  • fix xfn e2e tests on osx by @pedjak in https://github.com/crossplane/crossplane/pull/4324
  • ci: switch deprecated set-output to new format by @phisco in https://github.com/crossplane/crossplane/pull/4332
  • Update mikefarah/yq Docker tag to v4.34.2 (master) by @renovate in https://github.com/crossplane/crossplane/pull/4334
  • Update debian:bookworm-slim Docker digest to 9bd077d (master) by @renovate in https://github.com/crossplane/crossplane/pull/4333
  • Composition Functions Beta: Long-running Functions by @negz in https://github.com/crossplane/crossplane/pull/4306
  • Update module github.com/crossplane/crossplane-runtime to v0.20.0 (master) by @renovate in https://github.com/crossplane/crossplane/pull/4342
  • Update github/codeql-action digest to 1813ca7 (master) by @renovate in https://github.com/crossplane/crossplane/pull/4350
  • fix: limit max number of layers for Packages by @phisco in https://github.com/crossplane/crossplane/pull/4348
  • chore: bump go-containerregistry to v0.15.3-0.20230625233257-b8504803… by @phisco in https://github.com/crossplane/crossplane/pull/4349
  • fix: stop rbac manager's rule expansion on timeout by @phisco in https://github.com/crossplane/crossplane/pull/4347
  • fix(alpha): re-evaluating additional fields against schema by @phisco in https://github.com/crossplane/crossplane/pull/4346
  • Add e2e test for XFN /tmp write access by @ezgidemirel in https://github.com/crossplane/crossplane/pull/4323
  • fix: properly handle annotations schema aware validation by @phisco in https://github.com/crossplane/crossplane/pull/4361
  • fix: max size of package parsed limited to 200MB by @phisco in https://github.com/crossplane/crossplane/pull/4358
  • [Backport release-1.13] fix: omitempty environmentConfigs label selector fields by @github-actions in https://github.com/crossplane/crossplane/pull/4368
  • [Backport release-1.13] fix: validate Package images by @github-actions in https://github.com/crossplane/crossplane/pull/4375
  • [Backport release-1.13] composite: fix nil-dereference by @github-actions in https://github.com/crossplane/crossplane/pull/4383

New Contributors

  • @pedjak made their first contribution in https://github.com/crossplane/crossplane/pull/4015
  • @gberche-orange made their first contribution in https://github.com/crossplane/crossplane/pull/4020
  • @haooliveira84 made their first contribution in https://github.com/crossplane/crossplane/pull/4017
  • @maximiliantech made their first contribution in https://github.com/crossplane/crossplane/pull/4119
  • @sttts made their first contribution in https://github.com/crossplane/crossplane/pull/4205
  • @dbarrous made their first contribution in https://github.com/crossplane/crossplane/pull/4231
  • @darkmuggle made their first contribution in https://github.com/crossplane/crossplane/pull/4267
  • @fhopfensperger made their first contribution in https://github.com/crossplane/crossplane/pull/4310
  • @dee0sap made their first contribution in https://github.com/crossplane/crossplane/pull/4317
  • @P0t4T0o made their first contribution in https://github.com/crossplane/crossplane/pull/3981

Full Changelog: https://github.com/crossplane/crossplane/compare/v1.12.0...v1.13.0

Security

Security wording was detected, but no CVEs were found.

Details

date
July 27, 2023, 3:32 p.m.
name
v1.13.0
type
Minor
official page
https://github.com/crossplane/crossplane/releases/tag/v1.13.0
👇
Register or login to:
  • 🔍View and search all crossplane releases.
  • 🛠️Create and share lists to track your tools.
  • 🚨Setup notifications for major, security, feature or patch updates.
  • 🚀Much more coming soon!
Continue with GitHub
Continue with Google
or