v0.29.1

What's Changed

• ci: define least privilege permission for vuln scan workflow by @lucasrod16 in #733
• chore: bump the production-dependencies group with 2 updates by @dependabot in #727
• chore: bump docker/setup-buildx-action from 3.2.0 to 3.3.0 by @dependabot in #728
• chore: bump chainguard/node-lts from 8c5f0eb to 4c0a73a by @dependabot in #734
• chore: bump tar from 6.2.0 to 6.2.1 by @dependabot in #735
• chore: bump @types/node from 18.19.30 to 18.19.31 in the development-dependencies group by @dependabot in #729
• chore: bump @types/eslint from 8.56.7 to 8.56.8 in the development-dependencies group by @dependabot in #736
• chore: bump chainguard/node-lts from 4c0a73a to acc2839 by @dependabot in #738

New Contributors

• @lucasrod16 made their first contribution in #733

Full Changelog: v0.29.0...v0.29.1

v0.29.0

features

• chore: create helper functions for pepr by @schaeferka in #688

getOwnerRefFrom - get fields needed to create an owner ref

// Create a deployment that is "owned" by the WebApp instance 👍 
function deployment(instance: WebApp) {
  const { name, namespace } = instance.metadata!;
  const { replicas } = instance.spec!;

  return {
    apiVersion: "apps/v1",
    kind: "Deployment",
    metadata: {
      ownerReferences: getOwnerRefFrom(instance), // 👈 Instance owns deploymeny
      name,
      namespace,
      labels: {
        "pepr.dev/operator": name,
      },
    },

containers - Get all of the containers from a pod

When(a.Pod)
  .IsCreatedOrUpdated()
  .Validate(po => {
    const podContainers = containers(po); // containers, initContainer, ephemeralContainers 👈 
    for (const container of podContainers) {
      if (
        container.securityContext?.allowPrivilegeEscalation ||
        container.securityContext?.privileged
      ) {
        return po.Deny("Privilege escalation is not allowed");
      }
    }

    return po.Approve();
  });

writeEvent - write an event

async function updateStatus(instance: WebApp, status: Status) {
  await writeEvent(instance, {phase: status}, "Normal", "CreatedOrUpdate", instance.metadata.name, instance.metadata.name);
  await K8s(WebApp).PatchStatus({
    metadata: {
      name: instance.metadata!.name,
      namespace: instance.metadata!.namespace,
    },
    status,
  });
}

kubectl describe wa webapp-light-en -n webapps
# output
Name:         webapp-light-en
Namespace:    webapps
API Version:  pepr.io/v1alpha1
Kind:         WebApp
Metadata: ...
Spec:
  Language:  en
  Replicas:  1
  Theme:     light
Status:
  Observed Generation:  1
  Phase:                Ready
Events:
  Type    Reason                    Age   From             Message
  ----    ------                    ----  ----             -------
  Normal  InstanceCreatedOrUpdated  36s   webapp-light-en  Pending 👈 
  Normal  InstanceCreatedOrUpdated  36s   webapp-light-en  Ready 👈 

Take a look at the sdk functions.
Good job @schaeferka 👏

What's Changed

• chore: onschedule runs always in dev mode by @cmwylie19 in #725
• chore: update docs on the operator by @cmwylie19 in #726
• chore: bump chainguard/node-lts from cc860c4 to 8c5f0eb by @dependabot in #721
• chore: bump @types/node from 18.19.29 to 18.19.30 in the development-dependencies group by @dependabot in #720

Full Changelog: v0.28.8...v0.29.0

v0.28.8

What's Changed

• fix: switch to node-lts chainguard image by @jeff-mccoy in #716
• chore: update readme to have inclusive language by @schristoff in #681
• chore: update Contributor Guide Link by @cmwylie19 in #700
• chore: excellent examples new path by @cmwylie19 in #709
• chore: pipeline test by @cmwylie19 in #710
• chore: test exception ci by @cmwylie19 in #707
• chore: e2e integration by @cmwylie19 in #712
• Excellent examples integration by @cmwylie19 in #713
• chore: vulnerability scan by @cmwylie19 in #718
• chore: testing the e2e test by @cmwylie19 in #701
• chore: bump the development-dependencies group with 2 updates by @dependabot in #705
• chore: bump the production-dependencies group with 1 update by @dependabot in #704
• chore: bump actions/setup-node from 2 to 4 by @dependabot in #703
• chore: bump actions/checkout from 2 to 4 by @dependabot in #702
• chore: bump the development-dependencies group with 1 update by @dependabot in #708
• chore: bump actions/checkout from 4.1.1 to 4.1.2 by @dependabot in #719

New Contributors

• @schristoff made their first contribution in #681

Full Changelog: v0.28.7...v0.28.8

v0.28.7

What's Changed

• chore: fix error message in cli dev/deploy by @cmwylie19 in #697
• chore: add test for when capability is schedule by @cmwylie19 in #693
• chore: fixed typo by @naveensrinivasan in #682
• chore: bump actions/dependency-review-action from 4.2.3 to 4.2.4 by @dependabot in #686
• chore: bump the production-dependencies group with 1 update by @dependabot in #687
• chore: bump the production-dependencies group with 1 update by @dependabot in #691
• chore: bump actions/dependency-review-action from 4.2.4 to 4.2.5 by @dependabot in #692

Full Changelog: v0.28.6...v0.28.7

v0.28.6

What's Changed

• fix: reconcile enqueue bindings by @jeff-mccoy in #680

Full Changelog: v0.28.5...v0.28.6

v0.28.5

What's Changed

• chore: update default log level to info by @schaeferka in #637
• chore: update is not recommended for prod by @cmwylie19 in #670
• chore: fully remove store references in watch-processor by @cmwylie19 in #677
• chore: add debug logs to queue by @cmwylie19 in #678
• chore: security markdown by @cmwylie19 in #662
• chore: bump the production-dependencies group with 2 updates by @dependabot in #674
• chore: bump actions/dependency-review-action from 4.1.3 to 4.2.3 by @dependabot in #673
• chore: bump the development-dependencies group with 3 updates by @dependabot in #671
• chore: bump the production-dependencies group with 1 update by @dependabot in #679

Full Changelog: v0.28.4...v0.28.5

v0.28.4

What's Changed

• fix: dedupe environment variable config values by @btlghrants in #665
• chore: remove loglevel from docs and audit logs in the cli by @cmwylie19 in #668
• chore: updated ascii art for pepr by @schaeferka in #669
• chore: add request uid to admission log messages by @btlghrants in #656
• chore: bump docker/setup-buildx-action from 3.1.0 to 3.2.0 by @dependabot in #657
• chore: bump the development-dependencies group with 1 update by @dependabot in #660
• chore: bump the development-dependencies group with 1 update by @dependabot in #666

Full Changelog: v0.28.3...v0.28.4

v0.28.3

What's Changed

• chore: add patch/create crds by @cmwylie19 in #655

Full Changelog: v0.28.2...v0.28.3

v0.28.2

What's Changed

• chore: make select log messages more explicit by @btlghrants in #652
• chore: pin hash version by @cmwylie19 in #633
• chore: filter bug by @cmwylie19 in #651
• chore: bump docker/login-action from 3.0.0 to 3.1.0 by @dependabot in #653
• chore: bump the development-dependencies group with 1 update by @dependabot in #654

Full Changelog: v0.28.1...v0.28.2

v0.28.1

What's Changed

• chore: create store faster by @cmwylie19 in #648
• chore: template terminationGracePeriodSeconds and set default to 5 by @cmwylie19 in #646
• chore: remove watch cache from pepr by @cmwylie19 in #643
• chore: store startup speed by @cmwylie19 in #650
• chore: bump the production-dependencies group with 1 update by @dependabot in #635
• fix: typos/missing types by @btlghrants in #636
• chore: bump the development-dependencies group with 1 update by @dependabot in #641
• chore: bump actions/checkout from 4.1.1 to 4.1.2 by @dependabot in #647
• chore: bump the development-dependencies group with 2 updates by @dependabot in #649

Full Changelog: v0.28.0...v0.28.1