v0.2.0

kubectl Bound Session API

Major refactor: blocks now use bound session objects instead of passing ctx+sesh to every call.

Before

k8s.get_deployment(ctx, sesh, namespace=ns, deployment=d)
k8s.get_secret(ctx, sesh, namespace=ns, secret=s)

After

kube = kubectl.connect(sesh, namespace=ns)
kube.get("deployment", name=d)
kube.get_secret_value(secret=s, key="password")

New

• kubectl.py with KubectlSession: .get(), .find_pod(), .exec(), .cat_file(), .cp(), .apply(), .rollout_status(), .get_secret_value()
• ctr.py: containerd commands (moved from crictl)
• utils.py: is_empty() utility
• ssh.connect() + sesh.exec(cmd) / sesh.probe()

Renamed

• validate.env_var_set → env_var_exists
• validate.ip_valid → ip_format

Removed

• config.substitute_vars (duplicate)
• k8s.patch_deployment (compose from primitives)

Deprecated

• All k8s.* functions → forward to kubectl.* with DeprecationWarning
• crictl.image_import → ctr.image_import
• file.is_empty → utils.is_empty

Full Changelog: v0.1.1...v0.2.0