v1.4.0

The v1.4.0 release introduces a new resource BastionHost.network.azure.upbound.io/v1beta1, bug fixes, and dependency updates.

What's Changed

• Only add singleton list API converters for the existing APIs by @ulucinar in #767
• Update actions/checkout digest to 692973e by @renovate in #765
• Update alpine Docker tag to v3.20.1 by @renovate in #770
• Use crossplane/build submodule by @turkenf in #758
• Update module github.com/hashicorp/go-retryablehttp to v0.7.7 [SECURITY] by @renovate in #772
• Configure BastionHost.network resource and add example manifest by @turkenf in #775

Full Changelog: v1.3.0...v1.4.0

v1.3.0

The v1.3.0 release introduces new resources, bug fixes, enhancements, and dependency updates.

Support for New Resources

• PimActiveRoleAssignment.authorization.azure.upbound.io/v1beta1
• PimEligibleRoleAssignment.authorization.azure.upbound.io/v1beta1

Bug Fixes and Enhancements

• Bug Fix: Prevent the provider from panicking if referenced secrets for NotificationHub are not found #755
• Bug Fix: "Observed a panic" with FlexibleServer set "authentication.passwordAuthEnabled: false." #760

What's Changed

• Update alpine Docker tag to v3.20.0 by @renovate in #752
• Update actions/checkout digest to a5ac7e5 by @renovate in #751
• Prevent the provider from panicking if referenced secrets for NotificationHub are not found by @ulucinar in #755
• Feature/add pim resources by @knutejoh in #727
• Replace gopkg.in/alecthomas/kingpin.v2 by github.com/alecthomas/kingpin/v2 by @gravufo in #714
• Fix #760 by making administrator_login & administrator_password optional for connection details by @niiku in #761
• Remove documents related to monolithic provider by @turkenf in #763
• Sync the MaxItems constraints between the Go & JSON schemas by @ulucinar in #759
• Remove monolithic provider from updoc workflow by @turkenf in #764

New Contributors

• @knutejoh made their first contribution in #727
• @gravufo made their first contribution in #714
• @niiku made their first contribution in #761

Full Changelog: v1.2.0...v1.3.0

v1.2.0

The v1.2.0 release introduces converting singleton lists in the MR APIs to embedded objects, adding a new resource VirtualMachineRunCommand.compute, and dependency updates.

In this release, we've updated how Terraform configuration blocks are handled in our APIs. Terraform configuration blocks, even if they have a MaxItems constraint of 1, are (almost) always generated as lists. We now generate the lists with a MaxItems constraint of 1 as embedded objects in our MR APIs. This also helps when updating or patching via SSA the (previously list) objects.

The new v1beta2 versions of the CRD APIs incorporate these changes, ensuring backward compatibility for clients using the older v1beta1 versions. Any clients wanting to use the embedded objects-based APIs should update to the v1beta2 versions of the CRD APIs.

• For instance, let's look at the YAML output of the RedisCache.cache.azure.upbound.io/v1beta2 resource's spec.forProvider, with this release we can see the spec.forProvider.redisConfiguration field as an object:

 spec:
   forProvider:
     capacity: 1
     enableNonSslPort: false
     family: P
     location: West Europe
     minimumTlsVersion: "1.2"
     publicNetworkAccessEnabled: true
     redisConfiguration:
       maxmemoryDelta: 2
       maxmemoryPolicy: allkeys-lru
       maxmemoryReserved: 2
     redisVersion: "6"
     resourceGroupName: example-redis-ftest
     skuName: Premium

• If we look at the v1beta1 YAML output of the resource, we see the field as a list:

spec:
  forProvider:
    capacity: 1
    enableNonSslPort: false
    family: P
    location: West Europe
    minimumTlsVersion: "1.2"
    publicNetworkAccessEnabled: true
    redisConfiguration:
    - maxmemoryDelta: 2
      maxmemoryPolicy: allkeys-lru
      maxmemoryReserved: 2
    redisVersion: "6"
    resourceGroupName: example-redis-ftest
    skuName: Premium

For a detailed overview of the implementation, please see crossplane/upjet#387 and crossplane/upjet#400

What's Changed

• Add needs:triage label to issue template by @turkenf in #723
• Update actions/upload-artifact digest to 6546280 by @renovate in #718
• Update actions/checkout digest to 0ad4b8f by @renovate in #717
• Update actions/setup-go digest to cdcb360 by @renovate in #726
• Update actions/checkout digest to 44c2b7a by @renovate in #736
• Update actions/checkout digest to 0ad4b8f by @renovate in #737
• Use config.Reference.TerraformName instead of config.Reference.Type by @ulucinar in #739
• Bump crossplane-runtime version to consume the fix of MR metrics by @sergenyalcin in #741
• Add azurerm virtual machine run command by @AndresNico in #725
• Convert all singleton lists in the MR APIs to embedded objects by @ulucinar in #733
• Add example manifests for v1beta2 version by @sergenyalcin in #746
• Make MaxItems values consistent between JSON schema and provider schema by @sergenyalcin in #745

New Contributors

• @AndresNico made their first contribution in #725

Full Changelog: v1.1.0...v1.2.0

v1.1.0

The v1.1.0 release introduces MR metrics, a new resource, bug fixes, enhancements, and dependency updates.

We are excited to introduce a new set of managed resource (MR) metrics in this release. These metrics are pivotal for monitoring the state and performance of resources managed through Crossplane. This enhancement follows the implementation guidelines from the provider-kubernetes and incorporates changes from crossplane/crossplane-runtime#683. The newly available metrics include:

• crossplane_managed_resource_exists{"gvk"}
• crossplane_managed_resource_ready{"gvk"}
• crossplane_managed_resource_synced{"gvk"}
• crossplane_managed_resource_first_time_to_reconcile_seconds{"gvk"}
• crossplane_managed_resource_first_time_to_readiness_seconds{"gvk"}
• crossplane_managed_resource_deletion_seconds{"gvk"}
• crossplane_managed_resource_drift_seconds{"gvk"}

For a detailed overview of the implementation, please refer to this crossplane/crossplane-runtime#683.

Note that, for async resources, upjet_resource_ttr_bucket{"group","kind","version"} gives a more accurate measurement of when the external resource becomes available, compared to crossplane_managed_resource_first_time_to_readiness_seconds{"gvk"}.

Support for a New Resource

• Deployment.cognitiveservices.azure.upbound.io/v1beta1

Bug Fixes and Enhancements

• Bug Fix: Addresses a critical bug related to asynchronous operation failures (#684). With this fix, the "Synced" status will immediately reflect as "False" upon any failure in asynchronous operations, ensuring compliance with the XRM contract and improving reliability in status reporting. Previously, the error handling only updated the LastAsyncOperation status without properly setting the Synced condition to False. For more information, please see the crossplane/upjet#391 (comment).

What's Changed

• Update docker/setup-buildx-action digest to 2b51285 by @renovate in #670
• Update kubernetes patches to v0.29.3 by @renovate in #674
• Update actions/cache digest to 0c45773 by @renovate in #677
• Decrease linter's memory usage by @ulucinar in #690
• Monitor, mark and close issues and PRs with github workflow by @turkenf in #688
• Set Azure partner tracking GUID to a9cee75d-8f11-42e4-bc19-953757f4ea3c in requests by @ulucinar in #687
• Update actions/cache digest to e12d46a by @renovate in #691
• Update actions/checkout digest to b4ffde6 by @renovate in #692
• Update fkirc/skip-duplicate-actions action to v5.3.1 by @renovate in #694
• Update actions/cache action to v4 by @renovate in #695
• Update actions/setup-go action to v5 by @renovate in #696
• docs: update marketplace link in readme by @loomkoom in #701
• Add azurerm_cognitive_deployment resource by @mirza-src in #706
• Update module sigs.k8s.io/controller-runtime to v0.17.3 by @renovate in #703
• Update docker/setup-buildx-action digest to d70bba7 by @renovate in #702
• Remove GitHub issue triage workflow by @turkenf in #707
• Update kubernetes patches to v0.29.4 by @renovate in #708
• Update actions/upload-artifact digest to 1746f4a by @renovate in #712
• Update slack channel name in readme by @turkenf in #715
• Rename the repo name for reusable workflows used by @turkenf in #721
• Introduce MR metrics by @mergenci in #720

New Contributors

• @loomkoom made their first contribution in #701
• @mirza-src made their first contribution in #706
• @mergenci made their first contribution in #720

Full Changelog: v1.0.1...v1.1.0

v1.0.1

The release v1.0.1 introduces:

• Sets the Azure partner tracking GUID to a9cee75d-8f11-42e4-bc19-953757f4ea3c in the requests that are made by the provider.
• Adds these two words to the UserAgent header.
  • The provider name/version such as crossplane-provider-upjet-azure/v1.0.1
  • The CPU architecture & operating system name the provider is running on, such as (arm64-darwin)

The resulting User-Agent header value looks like the following:

HashiCorp/go-azure-sdk (Go-http-Client/1.1 capabilities/2023-11-01) HashiCorp Terraform/ (+https://www.terraform.io) Terraform Plugin SDK/2.10.1 terraform-provider-azurerm/dev crossplane-provider-upjet-azure/v1.0.1 (arm64-darwin) pid-a9cee75d-8f11-42e4-bc19-953757f4ea3c

What's Changed

• [Backport release-1.0] Decrease linter's memory usage by @github-actions in #693
• [Backport release-1.0] Set Azure partner tracking GUID to a9cee75d-8f11-42e4-bc19-953757f4ea3c in requests by @github-actions in #697

Full Changelog: v1.0.0...v1.0.1

v1.0.0

In the v1.0.0 release, we've upgraded the underlying Terraform provider version from 3.57.0 to 3.95.0.
Explore the API Changes section below for a concise overview of the modifications introduced by this version bump.

The release introduces support for the conversion functions to be able to handle any future breaking API changes. Also includes updates to the dependencies.

Support for a New Resource

• WorkspaceRootDbfsCustomerManagedKey.databricks.azure.upbound.io/v1beta1

Bug Fixes and Enhancements

• Network Interface with Public IP fails with cannot reference the public IP #78
• Sets a default io.Discard logger for the controller-runtime if debug logging is not enabled. If debug logging is enabled, then the controller-runtime uses a debug mode zap logger as usual #678
• Adds info logs in the monolithic provider's output that communicate the deprecation and the next steps #679

Breaking UX Changes

The release switches the order of the SYNCED and READY printer columns so that the SYCNED column is now printed before the READY column as follows:

❯ kubectl get managed

NAME                                               SYNCED   READY   EXTERNAL-NAME     AGE
linuxwebapp.web.azure.upbound.io/linuxappexample   True     True    linuxappexample   5m46s

This used to be first the READY column and then the SYNCED column previously. Please see crossplane/upjet#360 for further details.

API Changes

• Changed external name configuration of the following resources:
  • APIOperationPolicy.apimanagement.azure.upbound.io/v1beta1
  • APIPolicy.apimanagement.azure.upbound.io/v1beta1
  • Policy.apimanagement.azure.upbound.io/v1beta1
  • ProductPolicy.apimanagement.azure.upbound.io/v1beta1
• API.apimanagement.azure.upbound.io/v1beta1 => spec.forProvider.revision is now required parameter.
• Logger.apimanagement.azure.upbound.io/v1beta1 => spec.forProvider.eventhub.connectionString is now optional parameter.
• HybridRunBookWorkerGroup.automation.azure.upbound.io/v1beta1 => added reference and selector for spec.forProvider.automationAccountName field.
• BotChannelWebChat.botservice.azure.upbound.io/v1beta1 => spec.forProvider.siteNames has been replaced with spec.forProvider.site code block.
• WorkspaceCustomerManagedKey.databricks.azure.upbound.io/v1beta1 => This resource has been deprecated and will be removed in future versions of provider. Please use the WorkspaceRootDbfsCustomerManagedKey resource instead.
• FlexibleServer.dbforpostgresql.azure.upbound.io/v1beta1 => status.atProvider.identity.{principalId,tenantId} have been removed.
• LabServiceLab.labservices.azure.upbound.io/v1beta1 => spec.forProvider.connectionSetting is now required parameter.
• LinuxWebApp.web.azure.upbound.io/v1beta1 => spec.forProvider.siteConfig.autoHealSetting.trigger.statusCode.win32Status has been replaced with spec.forProvider.siteConfig.autoHealSetting.trigger.statusCode.win32StatusCode.
• LinuxWebAppSlot.web.azure.upbound.io/v1beta1 => spec.forProvider.siteConfig.autoHealSetting.trigger.statusCode.win32Status has been replaced with spec.forProvider.siteConfig.autoHealSetting.trigger.statusCode.win32StatusCode.
• WindowsWebApp.web.azure.upbound.io/v1beta1 => spec.forProvider.siteConfig.autoHealSetting.trigger.statusCode.win32Status has been replaced with spec.forProvider.siteConfig.autoHealSetting.trigger.statusCode.win32StatusCode.
• WindowsWebAppSlot.web.azure.upbound.io/v1beta1 => spec.forProvider.siteConfig.autoHealSetting.trigger.statusCode.win32Status has been replaced with spec.forProvider.siteConfig.autoHealSetting.trigger.statusCode.win32StatusCode.

What's Changed

• Comprehensive Issue Template Update: Assisting Users in Better Issue Definition by @turkenf in #637
• Update module sigs.k8s.io/controller-tools to v0.14.0 by @renovate in #625
• Update alpine Docker tag to v3.19.1 by @renovate in #638
• Update actions/upload-artifact digest to 5d5d22a by @renovate in #643
• Update kubernetes patches to v0.29.2 by @renovate in #651
• fix: allow publicIP to be referenced using selectors and Ref by @migueladh in #652
• Switch from the NoFork terminology to the TerraformPluginSDK terminology and bump dependencies by @turkenf in #656
• Update module github.com/cloudflare/circl to v1.3.7 [SECURITY] by @renovate in #659
• Update docker/setup-buildx-action digest to 0d103c3 by @renovate in #661
• Update module sigs.k8s.io/controller-runtime to v0.17.2 by @renovate in #660
• Update actions/cache digest to ab5e6d0 by @renovate in #663
• Consume the reusable workflows from upbound/uptest@standard-runners by @sergenyalcin in #666
• Applying license changes by @sergenyalcin in #671
• Log a deprecation message when the monolithic provider is run. by @ulucinar in #679
• Enable Conversion Webhooks by @ulucinar in #676
• Set log.Default's output to io.Discard by @ulucinar in #678
• Bump Terraform provider version to v3.95.0 by @turkenf in #668

New Contributors

• @migueladh made their first contribution in #652

Full Changelog: v0.42.2...v1.0.0

v0.42.2

The release v0.42.2 introduces:

• Sets a default io.Discard logger for the controller-runtime if debug logging is not enabled. If debug logging is enabled, then the controller-runtime uses a debug mode zap logger as usual #678
• Adds info logs in the monolithic provider's output that communicate the deprecation and the next steps #679

What's Changed

• [Backport release-0.42] Log a deprecation message when the monolithic provider is run. by @github-actions in #680
• [Backport release-0.42] Set log.Default's output to io.Discard by @ulucinar in #681

Full Changelog: v0.42.1...v0.42.2

v0.42.1

The release v0.42.1 includes some important bug fixes and dependency bumps detailed below:

• Bump crossplane-runtime to v1.15.1 along with various bug fixes.
• Bump upjet to v1.1.1
• There’s a fix in the implementation of the LateInitialize management policy in the context of the no-fork architecture. Previously, we were relying solely on the managed reconciler for preventing the late-initialization of the managed resources if the specified policies do not contain it. Now, we also explicitly skip the late-initialization in upjet to prevent some accidental updates to the spec.forProvider while, for example, updating the annotations.
• Adds a more explanatory error message when immutable fields of a managed resource have changed.

What's Changed

• [Release-0.42] Switch from the NoFork terminology to the TerraformPluginSDK terminology and bump dependiencies by @turkenf in #657

Full Changelog: v0.42.0...v0.42.1

v0.42.0

This release includes adding the CustomDomain.apimanagement.azure.upbound.io/v1beta1 resource and updates to dependencies.

What's Changed

• Update kubernetes packages to v0.29.0 by @renovate in #607
• Update module golang.org/x/crypto to v0.17.0 [SECURITY] by @renovate in #617
• Update actions/cache digest to e12d46a by @renovate in #624
• Update actions/upload-artifact digest to 1eb3cb2 by @renovate in #627
• feat(resource): add azurerm_api_management_custom_domain by @haarchri in #628
• Update actions/cache action to v4 by @renovate in #631
• Update kubernetes patches to v0.29.1 by @renovate in #632
• Update actions/upload-artifact digest to 694cdab by @renovate in #633
• Update actions/upload-artifact digest to 26f96df by @renovate in #635

Full Changelog: v0.41.0...v0.42.0

v0.41.0

This release brings a change with how we interact with the underlying Terraform Azure provider. Instead of interfacing with Terraform via the TF CLI, the new implementation consumes the Terraform provider's Go provider schema and invokes the CRUD functions registered in that schema, and we no longer fork the underlying Terraform provider process or the Terraform CLI.

Thus, we have considerable performance improvements with the v0.41.0 version of the provider. Although we have not evaluated the improvements specifically for upbound/provider-azure@v0.41.0, you can find some reference results from the experiments we did with upbound/provider-aws@v0.44.0 for 1K and 10K MRs, when we switched to this new runtime architecture.

Note: These results belong to the upbound/provider-aws@v0.44.0 with which we have rolled this runtime architecture for the official AWS provider. These results are shared not to provide a Sizing Guide but as a reference to understand the improvements in performance metrics. Also, the experiment sets of tests are shared:

• Objective: 10K UserPolicyAttachment MRs

• Parallelization: 500 reconcile workers

• Poll period: 10min

• Node: m5.2xlarge (8vCPU, 32GiB RAM)

  Average TTR	Peak TTR	Average Memory	Peak Memory	Average CPU	Peak CPU
  4.40 secs	79 secs	775.41 MiB	1185.62 MiB	15.25%	20.90%

• Objective: 1K UserPolicyAttachment MRs

• Parallelization: 500 reconcile workers

• Poll period: 10min

• Node: m5.2xlarge (8vCPU, 32GiB RAM)

  Average TTR	Peak TTR	Average Memory	Peak Memory	Average CPU	Peak CPU
  4.15 secs	44 secs	630.39 MiB	948.35 MiB	9.06%	12.69%

Because the provider no longer forks the Terraform CLI or Terraform Azure provider, we removed the Terraform CLI and the Terraform provider binaries from the provider package, and accordingly we also deprecated all the process-forking related command-line flags. The full list of the deprecated command-line flags is as follows:

• --terraform-version
• --terraform-provider-version
• --terraform-native-provider-path
• --terraform-provider-source
• --provider-ttl

Using these flags will be non-functional and you will receive log messages similar to the following, if you pass any of these deprecated command-line flags to the provider.

warning: Command-line flag "terraform-version" is deprecated and no longer used. It will be removed in a future release. Please remove it from all of your configurations (ControllerConfigs, etc.).
warning: Command-line flag "terraform-provider-source" is deprecated and no longer used. It will be removed in a future release. Please remove it from all of your configurations (ControllerConfigs, etc.).
warning: Command-line flag "terraform-provider-version" is deprecated and no longer used. It will be removed in a future release. Please remove it from all of your configurations (ControllerConfigs, etc.).
warning: Command-line flag "provider-ttl" is deprecated and no longer used. It will be removed in a future release. Please remove it from all of your configurations (ControllerConfigs, etc.).

Our users are advised to remove any of these deprecated command-line flags from their configurations (ControllerConfigs, etc.) because the deprecated command-line flags will be removed in a future release of the provider.

What's Changed

• Use Terraform Plugin SDK to Reconcile MRs by @ulucinar in #592
• Remove the Terraform CLI from the provider package and deprecate the relevant provider command-line flags. by @ulucinar in #619

Full Changelog: v0.40.0...v0.41.0