v1.2.0-m.1
Pre-release
Pre-release
·
27 commits
to main
since this release
Highlights
- Portal Assistant now generates guided fix prompts — when it detects a build issue or runtime error, it not only explains the problem but emits an actionable prompt you can hand to a local coding agent to investigate and fix it (a CodeRabbit-style explain-then-fix workflow).
- Observability gains Kubernetes events and Cilium Hubble wirelogs — end-to-end across the observability plane, observer API, and portal.
- Attribute-based access control (ABAC) expands beyond
environmenttocomponentType,resourceType, andworkflowconditions. - Build performance — layer/mirror build cache and digest-pinned builder images.
- GitHub Actions external CI wired into Helm + Backstage.
What's Changed
- chore: clean up root by @chathuranga95 in #2945
- chore: bump version to 1.1.0 by @Mirage20 in #2952
- test: add unit tests for gateway and kubernetes clients using testify by @chathuranga95 in #2949
- fix: update default schedule for scheduled-task component to valid cron expression by @ThusharaSampath in #2955
- fix: add missing openAPIV3Schema wrapper in trait specs for componentrelease generate by @VajiraPrabuddhaka in #2957
- chore: update BYOI samples by @rashadism in #2959
- feat: validate traits do not create workload resources by @ChathurangaKCD in #2922
- fix: add deployment strategy for observer by @akila-i in #2981
- fix: add deployment strategy for rca-agent by @akila-i in #2986
- test: improve integration tests in observabilityalertrule controller by @akila-i in #2992
- test: add unit tests for alerts email and webhook notification by @akila-i in #2995
- test: improve unit test coverage for observer/api/handlers by @akila-i in #3005
- chore(cli): add tests and remove dead code in pkg/cli by @JanakaSandaruwan in #3003
- ci: add Trivy image scan workflow by @Mirage20 in #3011
- ci: add periodic Trivy image scan trigger by @Mirage20 in #3012
- chore(deps): bump github/codeql-action from 4.32.6 to 4.34.1 by @dependabot[bot] in #2967
- chore(deps): bump sigstore/cosign-installer from 4.1.0 to 4.1.1 by @dependabot[bot] in #2966
- chore(deps): bump softprops/action-gh-release from 2.5.0 to 2.6.1 by @dependabot[bot] in #2868
- chore(deps): bump codecov/codecov-action from 5.5.2 to 5.5.3 by @dependabot[bot] in #2863
- chore(deps): bump dawidd6/action-download-artifact from 16 to 19 by @dependabot[bot] in #2862
- test: add comprehensive unit tests for API handlers by @LakshanSS in #3007
- fix(cli): use spec hash to select release in binding generate by @VajiraPrabuddhaka in #3006
- test: add mockery tooling by @chathuranga95 in #3015
- test: add comprehensive unit tests for request and response models by @LakshanSS in #3025
- test: add HTTP-layer integration tests for all API handler resources by @LakshanSS in #3016
- refactor: inject client into clustertrait for testability by @JanakaSandaruwan in #3028
- refactor(cli): inject client into clustercomponenttype, componenttype, trait by @JanakaSandaruwan in #3031
- ci: fix codecov ignore pattern for generated mocks by @JanakaSandaruwan in #3032
- test: add git secret creation unit tests by @chalindukodikara in #3013
- test: add service authz wrapper unit tests by @chathuranga95 in #2994
- chore: upgrade Go from 1.24 to 1.26 by @Mirage20 in #3033
- refactor(cli): inject client into authz role resources by @JanakaSandaruwan in #3034
- chore(deps): bump github/codeql-action from 4.32.6 to 4.35.1 by @dependabot[bot] in #3037
- chore(deps): bump korthout/backport-action from 4.2.0 to 4.3.0 by @dependabot[bot] in #3036
- test: improve unit test coverage for pkg/fsindex by @VajiraPrabuddhaka in #3027
- ci: add setup-go composite action to dependabot scanning by @Mirage20 in #3040
- chore(deps): bump actions/setup-go from 6.1.0 to 6.4.0 in /.github/actions/setup-go by @dependabot[bot] in #3042
- chore(deps): bump codecov/codecov-action from 5.5.3 to 6.0.0 by @dependabot[bot] in #3035
- chore(deps): bump github.com/knadh/koanf/v2 from 2.3.2 to 2.3.4 by @dependabot[bot] in #3049
- chore(deps): bump distroless/static from
f512d81toe3f9456by @dependabot[bot] in #3018 - chore(deps): bump distroless/static from
f512d81toe3f9456in /cmd/cluster-agent by @dependabot[bot] in #3019 - chore(deps): bump distroless/static from
f512d81toe3f9456in /cmd/cluster-gateway by @dependabot[bot] in #3020 - chore(deps): bump distroless/static from
f512d81toe3f9456in /cmd/observer by @dependabot[bot] in #3022 - chore(deps): bump distroless/static from
f512d81toe3f9456in /cmd/openchoreo-api by @dependabot[bot] in #3024 - chore: modify observer mock implementations to use mockery by @akila-i in #3039
- refactor(cli): remove legacy resources package code by @JanakaSandaruwan in #3051
- test: add tests for workflow run apis by @chalindukodikara in #3050
- test: add tests for k8sresources package by @chalindukodikara in #3057
- test: add tests for licenser by @chalindukodikara in #3058
- ci: switch backport workflow from comment-based to label-based by @Mirage20 in #3059
- refactor: centralize action constants as single source of truth by @binoyPeries in #3053
- refactor(cli): inject client into occ cmd packages and add unit tests by @JanakaSandaruwan in #3064
- feat: add workflowrun deletion api by @chalindukodikara in #3062
- ci: add failure comment with workflow run link to backport workflow by @Mirage20 in #3066
- ci: use action output to detect backport failure by @Mirage20 in #3070
- test(cli): add tests for fsmode Index methods by @VajiraPrabuddhaka in #3068
- refactor(cli): inject client into 7 occ cmd packages and add tests by @JanakaSandaruwan in #3072
- test(cli): add tests for fsmode typed package by @VajiraPrabuddhaka in #3076
- test: add mcp handler unit tests by @chathuranga95 in #3038
- chore: add unit tests for authz related functions by @mevan-karu in #3010
- test: add integration tests to k8sresources package by @chalindukodikara in #3075
- fix: add timezone support to scheduled-task component type by @LakshanSS in #3081
- test: improve coverage on internal/validation/component package by @ChathurangaKCD in #3080
- refactor(cli): inject client into component cmd and add tests by @JanakaSandaruwan in #3082
- test(cli): add tests for fsmode generator package by @VajiraPrabuddhaka in #3079
- test: add cluster gateway tests by @yashodgayashan in #3085
- test: add mcp handler unit tests by @chathuranga95 in #3083
- test: add authz service unit tests by @chathuranga95 in #3086
- chore: add tests for observer authz package by @mevan-karu in #3063
- test(cli): add unit tests for occ cmd and resources packages by @JanakaSandaruwan in #3087
- test: add tests for workflow run controller by @chalindukodikara in #3089
- docs: clarify issue triage process by @tishan89 in #3093
- test: add cluster agent test cases by @yashodgayashan in #3088
- docs: use raw GitHub URLs in url-shortener sample READMEs by @rashadism in #3123
- docs: add Azure SQL Database workflow sample by @LakshanSS in #3030
- test: add unit tests for api handlers by @chathuranga95 in #3094
- test(controller): add integration tests for renderedrelease core functions by @VajiraPrabuddhaka in #3124
- test: add tests for cluster gateway by @yashodgayashan in #3125
- chore: improve webhook unit tests by @mevan-karu in #3074
- chore: add LakshanSS as code owner by @rashadism in #3129
- chore: update mcp tool development guide by @chathuranga95 in #3126
- test: add cluster agent unit tests by @yashodgayashan in #3127
- test(cli): improve test coverage for logs and workflowrun cmd packages by @JanakaSandaruwan in #3091
- test(controller): add unit tests for renderedrelease status functions by @VajiraPrabuddhaka in #3128
- test: add cluster gateway unit tests by @yashodgayashan in #3135
- test(cli): add unit tests for openapi_client using mockery by @JanakaSandaruwan in #3139
- fix: enfore trace limit at OpenSearch end using aggregations by @nilushancosta in #3134
- docs: clarify bug triage backport guidance by @tishan89 in #3141
- test: add openchoreo api handler unit tests by @chalindukodikara in #3140
- test(cli): add unit tests for componentrelease and releasebinding by @JanakaSandaruwan in #3142
- test: add tests for workflowplane, workflow, and workload controllers by @chalindukodikara in #3143
- test(controller): add finalization integration tests for renderedrelease by @VajiraPrabuddhaka in #3144
- chore: exclude CLI testhelpers from codecov coverage by @JanakaSandaruwan in #3145
- test(cli): improve workload cmd test coverage by @JanakaSandaruwan in #3146
- test: add tests for observer service by @yashodgayashan in #3147
- test: increase test coverage for cluster agent and cluster gateway by @yashodgayashan in #3150
- test: add unit tests for internal/scaffold/component package by @ChathurangaKCD in #3148
- test: add missing disabled authorizer test by @binoyPeries in #3151
- test(cli): increase workload converter test coverage by @JanakaSandaruwan in #3152
- test: migrate to mockery mocks and add test for authz service by @binoyPeries in #3154
- fix: deduplicate service ports in toServicePorts() CEL function by @ChathurangaKCD in #3157
- test: migrate authz test mocks to use mockery by @binoyPeries in #3158
- test: add missing unit test for authz helpers by @binoyPeries in #3161
- feat: add alert suppression to deduplicate webhook notifications by @rashadism in #3132
- test(api): add NewProxyClient validation coverage by @Ketharan in #3162
- test: add cluster roles and namespace roles by @chathuranga95 in #3163
- chore: add layout to codecov PR comment config by @Mirage20 in #3166
- fix: use non-condensed layout for codecov PR comment by @Mirage20 in #3169
- test: add unit tests for auth, login, and logout packages by @JanakaSandaruwan in #3168
- chore: update Dockerfile package versions by @Ketharan in #2538
- chore(deps): bump podman-runner image to v1.1 by @Ketharan in #3133
- refactor: migrate transform test assertions to testify and add new tests by @chathuranga95 in #3167
- chore: exclude copied argo and cilium types from codecov coverage by @chathuranga95 in #3170
- fix: remove intermittent webhook test failures by @rashadism in #3182
- chore: enforce project coverage regression check in codecov by @Mirage20 in #3184
- refactor: unify regular and embedded trait context builders by @ChathurangaKCD in #3181
- refactor(controller): consolidate plane ref resolution and introduce PlaneClientProvider by @Mirage20 in #3159
- test: add comprehensive unit tests for workflowrun service by @chathuranga95 in #3187
- test(controller): improve renderedrelease controller coverage by @Mirage20 in #3186
- fix: show span kind in observability tracing API responses by @nilushancosta in #3180
- refactor(cli): decouple occ CLI from shared pkg/cli abstractions by @JanakaSandaruwan in #3179
- test(cli): add test coverage for occ CLI packages by @JanakaSandaruwan in #3188
- feat: add status field for traces and spans by @akila-i in #3185
- feat(cli): add -o shorthand to --output-path flag by @JanakaSandaruwan in #3190
- docs: update README.md by @binura-g in #3195
- docs: revert the commit docs: update README.md by @sameerajayasoma in #3196
- docs: update README with latest OpenChoreo messaging by @sameerajayasoma in #3198
- chore: remove kube-prometheus-stack dependency from data-plane by @akila-i in #3160
- fix: add support to request scope durng token retrieval for client apps by @mevan-karu in #3200
- fix: include component UID in alert suppression check by @rashadism in #3208
- chore(deps): bump github/codeql-action from 4.35.1 to 4.35.2 by @dependabot[bot] in #3205
- chore(deps): bump actions/upload-artifact from 7.0.0 to 7.0.1 by @dependabot[bot] in #3204
- chore(deps): bump dawidd6/action-download-artifact from 19 to 20 by @dependabot[bot] in #3176
- chore(deps): bump docker/login-action from 4.0.0 to 4.1.0 by @dependabot[bot] in #3177
- chore(deps): bump softprops/action-gh-release from 2.6.1 to 3.0.0 by @dependabot[bot] in #3206
- chore(deps): bump go to 1.26.2 by @Mirage20 in #3218
- fix: fail rendering when a SecretKeyRef key is missing from the SecretReference by @ChathurangaKCD in #3215
- feat: add permission-based tool filtering middleware by @chathuranga95 in #3201
- fix(api): reword 403 error to reference operation not resource by @JanakaSandaruwan in #3239
- feat(helm): add extraVolumes, extraVolumeMounts, extraArgs and appConfig to backstage values by @Analect in #3219
- feat: add capability to observer to use a metrics adapter by @nilushancosta in #3240
- feat(api): include span and resource attributes in trace queries by @AnoshanJ in #3231
- chore(deps): bump aquasecurity/trivy-action from 0.35.0 to 0.36.0 by @dependabot[bot] in #3235
- chore(deps): bump korthout/backport-action from 4.3.0 to 4.4.0 by @dependabot[bot] in #3236
- chore: update file mount config schema descriptions by @chathuranga95 in #3259
- feat(api): add secret creation api across planes by @JanakaSandaruwan in #3261
- feat: add MCP tools for workflow run status, logs, and events by @rashadism in #3269
- feat: add CEL-based ABAC conditions to role bindings by @binoyPeries in #3243
- fix: enhance finalization logic for observability plane resources by @akila-i in #3228
- feat: add condition check for obs APIS by @binoyPeries in #3284
- feat: implement authz binding admission validation webhooks by @binoyPeries in #3285
- docs: adds sample to add a linter as a custom step in a CI workflow by @shirolk in #3297
- feat(controller): rolling restart via ReleaseBinding annotation by @JanakaSandaruwan in #3301
- feat: forward logs and tracing requests to an external adapter by default and update module versions by @nilushancosta in #3307
- fix(controller): clean up trait-created secrets on deletion by @JanakaSandaruwan in #3321
- fix: defer cancel in observer UID resolver until body is read by @hanzjk in #3331
- chore(deps): bump google.golang.org/grpc to v1.79.3 for CVE-2026-33186 by @chathuranga95 in #3357
- feat: update user profile retrieval to send constraints by @binoyPeries in #3349
- chore(deps): bump ai-rca-agent distroless base by @chathuranga95 in #3359
- chore(deps): bump github.com/jackc/pgx/v5 to v5.9.0 for CVE-2026-33816 by @chathuranga95 in #3361
- chore(deps): bump modelcontextprotocol/go-sdk to v1.4.1 for CVE-2026-27896 by @chathuranga95 in #3362
- fix: update logs adapter secret name in module helm chart installation by @akila-i in #3363
- feat: add mcp server to SRE agent by @yashodgayashan in #3351
- feat(api): expose connection resolution status in ReleaseBindingStatus by @ChathurangaKCD in #3265
- feat: update action registry to include condition types by @binoyPeries in #3360
- chore(deps): bump github/codeql-action from 4.35.2 to 4.35.3 by @dependabot[bot] in #3373
- chore(deps): bump sigstore/cosign-installer from 4.1.1 to 4.1.2 by @dependabot[bot] in #3372
- chore(deps): bump korthout/backport-action from 4.4.0 to 4.5.1 by @dependabot[bot] in #3371
- chore(deps): bump Go dependencies for vulnerability alerts by @chathuranga95 in #3367
- fix: sort rendered file-mount volumes to prevent rollout loops by @VajiraPrabuddhaka in #3303
- fix: make branch ref and version env overridable in prerequisite and obs plane installation scripts by @mevan-karu in #3378
- fix(controller): enhance GVK handling for data and observability planes by @akila-i in #3369
- feat(api): remove update secret endpoint by @JanakaSandaruwan in #3380
- feat: add finOps agent by @nilushancosta in #3358
- feat: add budget alert type to ObservabilityAlertRule CRD by @nilushancosta in #3381
- feat: introduce perch, AI agent for OC by @yashodgayashan in #3365
- feat: add toolset and authz query params for tool filtering by @chathuranga95 in #3384
- feat: round out MCP server tool surface by @rashadism in #3389
- feat: add relevant workflows for openchoreo repo release automation by @mevan-karu in #3342
- revert: introduce perch, AI agent for OC by @yashodgayashan in #3391
- fix: use openchoreo.dev/restartedAt on pod template by @JanakaSandaruwan in #3393
- feat: update observer to handle budget alert CRUD operations and webhook actions by @nilushancosta in #3386
- feat: add resource abstraction CRDs and controllers by @Mirage20 in #3392
- feat: add event-forwarder for event-driven Backstage catalog sync by @stefinie123 in #3382
- fix: harden quick-start scripts against common misconfigurations by @isala404 in #3406
- test: add integration tests for CEL validation rule failure propagation by @ChathurangaKCD in #3411
- chore: bump version to 1.1.0-alpha-1 by @LakshanSS in #3413
- docs: update changelog for v1.1.0-alpha-1 release by @LakshanSS in #3416
- feat: support wildcard action patterns when adding conditions by @binoyPeries in #3410
- feat: add get_resource_tree and tighten MCP tool surface ergonomics by @rashadism in #3414
- feat: add workload wiring for resource dependencies by @Mirage20 in #3404
- feat: add finOpsAgentURL field to ObservabilityPlane CRD by @nilushancosta in #3412
- feat(api): surface webhook validation as HTTP 422 with field paths by @Mirage20 in #3426
- feat: add new finopsreport:view action by @nilushancosta in #3429
- chore: bump version to 1.1.0 by @LakshanSS in #3432
- feat(controller): add support for CiliumNetworkPolicy generation by @akila-i in #3270
- chore: update release pipeline to use github app by @mevan-karu in #3397
- feat: add validating admission webhooks for resource type CRDs by @Mirage20 in #3428
- feat: install tracing module in quickstart and bump metrics to 0.5.1 by @rashadism in #3434
- refactor: update finops agent configs and add role and rolebinding by @nilushancosta in #3438
- feat(api): add OpenChoreo API endpoints for resource abstractions by @Mirage20 in #3440
- chore: update release pipelines to use client_id instead of app_id by @mevan-karu in #3446
- feat(cli): add commands for resource abstractions by @Mirage20 in #3445
- chore: improve build and test and release-ochestrator workflows by @mevan-karu in #3450
- chore: temp version downgrade for 0.0.0 to tryout the new release pipelines by @mevan-karu in #3442
- chore: cancel in progress build workflows for only pull requests by @mevan-karu in #3453
- chore: fix code-gen issue with url update in release-ochestrator by @mevan-karu in #3456
- feat(api): add GET/LIST/PUT to Secret API with feature flag by @JanakaSandaruwan in #3457
- fix: verify cluster gateway TLS certificates by default by @chathuranga95 in #3458
- fix: align cluster gateway TLS configuration by @chathuranga95 in #3463
- fix: omit cluster gateway CA config when TLS is disabled by @chathuranga95 in #3464
- feat(cli): add occ secret get, list, create, delete commands by @JanakaSandaruwan in #3415
- feat: add capability to update FinOps reports by @nilushancosta in #3462
- feat(helm): add shared features.secretManagement flag to control plane by @JanakaSandaruwan in #3465
- feat: add project update tool by @prdai in #3375
- feat: update validation logic in Observer to accept budget type metric alert rules by @nilushancosta in #3469
- feat: introduce perch, AI agent for OC by @yashodgayashan in #3455
- feat(api): support labels on Secret API create and update by @JanakaSandaruwan in #3467
- chore: update release-ochestrator to check the build-and-test action status by @mevan-karu in #3461
- chore(deps): bump github.com/go-playground/validator/v10 from 10.30.1 to 10.30.2 by @dependabot[bot] in #3473
- chore(deps): bump actions/create-github-app-token from 3.1.1 to 3.2.0 by @dependabot[bot] in #3475
- chore(deps): bump korthout/backport-action from 4.5.1 to 4.5.2 by @dependabot[bot] in #3476
- chore(deps): bump github/codeql-action from 4.35.3 to 4.35.4 by @dependabot[bot] in #3478
- fix(deps): bump agent dependencies to clear dependabot alerts by @rashadism in #3480
- feat: collapse paired namespace/cluster tools behind a scope arg by @chathuranga95 in #3431
- chore(deps): bump Go toolchain to 1.26.3 by @chathuranga95 in #3479
- fix: use release branch head for patch releases by @mevan-karu in #3482
- feat: update backstage helm values for perch agent by @yashodgayashan in #3481
- chore(deps): bump x/net by @chathuranga95 in #3485
- feat: add runtime topology endpoint handler and interface by @akila-i in #3451
- feat: allow updating CPU and memory limits through the finops agent and fix remediation actions in report by @nilushancosta in #3488
- feat: improve perch agent response time by @yashodgayashan in #3487
- chore: update observability module versions in install scripts by @akila-i in #3490
- test: add unit and integration tests for notification channel by @akila-i in #3492
- feat(cli): add occ component exec for interactive pod exec by @Ketharan in #3433
- feat: improve perch agent latency by @yashodgayashan in #3493
- fix(controller): surface real reason when observability release is skipped by @akila-i in #3494
- refactor: remove isStatusOnlyChange function and related tests from event-forwarder by @stefinie123 in #3459
- feat(cli): add occ secret update and --category on create by @JanakaSandaruwan in #3495
- refactor: split scoped tools by resource and lead with canonical tools by @chathuranga95 in #3497
- fix: handle oneOf/anyOf/allOf schemas in CEL expression validation by @ChathurangaKCD in #3496
- feat(api): add ScopeResource as sibling sub-scope under project by @Mirage20 in #3448
- feat: add MCP tools for authz role + binding CRUD and evaluation by @rashadism in #3486
- feat: improve perch agent response time by @yashodgayashan in #3502
- fix: windows build and bump spdystream for CVE by @Ketharan in #3499
- feat: add budget alert parameters to observability-alert-rule trait sample by @nilushancosta in #3501
- chore: improve release-ochestrator to support pre-releases by @mevan-karu in #3491
- fix(api): expose workload.dependencies.resources in openapi schema by @Mirage20 in #3506
- refactor: move secret reference writes to the pe toolset by @rashadism in #3504
- fix: use gateway TLS config for exec WebSocket dialer by @Ketharan in #3505
- fix: update perch agent base image by @yashodgayashan in #3510
- fix: use two different clients for backstage user and service clients by @mevan-karu in #3511
- fix: add perch-agent url to http route to increase the call timeout by @yashodgayashan in #3512
- docs: update multi-cluster k3d README by @rashadism in #3515
- feat: expose gateway info in Resource pipeline CEL context by @Mirage20 in #3516
- feat(helm): enable secretManagement in k3d single-cluster by @JanakaSandaruwan in #3517
- refactor: fine-tune finops agent prompts and fix logical vs kubernetes name mismatch by @nilushancosta in #3518
- fix: guard embedded trait envConfigs CEL bindings against missing keys by @mevan-karu in #3520
- feat: ship default postgres, valkey, and nats ClusterResourceTypes by @Mirage20 in #3521
- feat(api): make username optional for basic-auth secrets by @JanakaSandaruwan in #3522
- chore: update observability-metrics-prometheus module version by @nilushancosta in #3523
- fix: remove effort level for mini models for perch by @yashodgayashan in #3530
- feat: watch resource abstraction CRDs in event-forwarder by @Mirage20 in #3526
- feat: add doclet from-image sample with composite Resource URL outputs by @Mirage20 in #3528
- feat(cli): parse resource dependencies in workload descriptor by @Mirage20 in #3527
- chore(deps): bump ai-rca-agent distroless base by @chathuranga95 in #3533
- fix(api): allow empty string values for env vars and config files by @VajiraPrabuddhaka in #3534
- feat: add --namespace flag to componentrelease generate by @JanakaSandaruwan in #3535
- fix: add credentials support to Observer CORS middleware by @isala404 in #3538
- feat: update pearch prompt to get components by @yashodgayashan in #3531
- feat: rename perch agent to portal assistant by @yashodgayashan in #3539
- feat(api): add resource family MCP tools by @Mirage20 in #3529
- fix: add credentials support to FinOps and RCA agent middleware by @nilushancosta in #3542
- fix: observability-traces-opensearch release name in multicluster setup guide by @ChathurangaKCD in #3543
- feat: add sample for the portal assistant by @yashodgayashan in #3545
- fix: add pods/exec RBAC to data plane cluster-agent for occ component exec by @Ketharan in #3547
- fix: populate the actual cost value in the report from the value received in the alert by @nilushancosta in #3549
- docs: add changelog entries for v1.1.0 by @yashodgayashan in #3548
- test: envtest coverage for release smoke retirement by @chathuranga95 in #3559
- docs: add resource abstraction CRDs to kind reference guide by @Mirage20 in #3580
- chore(deps): bump codecov/codecov-action from 6.0.0 to 6.0.1 by @dependabot[bot] in #3583
- chore(deps): bump github/codeql-action from 4.35.4 to 4.35.5 by @dependabot[bot] in #3582
- chore(deps): bump actions/stale from 10.2.0 to 10.3.0 by @dependabot[bot] in #3581
- chore(deps): bump github.com/oapi-codegen/runtime from 1.1.2 to 1.4.1 by @dependabot[bot] in #3579
- chore(deps): bump github.com/onsi/ginkgo/v2 from 2.28.1 to 2.29.0 by @dependabot[bot] in #3578
- feat: add removes section to Trait API for deleting rendered resources by @NomadXD in #3573
- feat: add build pipeline integration to k3d registry cache by @ChathurangaKCD in #3587
- feat: introduce
resource.componentTypeABAC condition by @binoyPeries in #3591 - feat: strip workloadType prefix from resource.componentType attr by @binoyPeries in #3593
- test: add coverage for workload types and microservices demo suites by @chathuranga95 in #3589
- test: label e2e tests and scope nightly e2e test run by @chathuranga95 in #3594
- test: add e2e coverage for secrets/ESO rendering pipeline by @ChathurangaKCD in #3597
- feat: resolve endpoint URLs for GRPCRoute and TLSRoute by @NomadXD in #3592
- chore(deps): bump modernc.org/sqlite from 1.46.1 to 1.50.1 by @dependabot[bot] in #3477
- chore(deps): bump github.com/getkin/kin-openapi from 0.133.0 to 0.138.0 by @dependabot[bot] in #3471
- test: add gateway e2e test suite for visibility and routing by @ChathurangaKCD in #3605
- refactor: precompute CEL macro results into typed derived context by @ChathurangaKCD in #3604
- test: add extended e2e coverage for build and gitops by @chathuranga95 in #3607
- feat: stream Cilium Hubble wirelogs via openchoreo-api by @akila-i in #3571
- feat: introduce
resource.resourceTypeABAC condition by @binoyPeries in #3612 - fix: include remoteRef content in ExternalSecret resource name hash by @ChathurangaKCD in #3610
- feat: update k8s version to 36 by @yashodgayashan in #3596
- refactor: remove code paths that called OpenSearch and Prometheus endpoints directly from Observer by @nilushancosta in #3615
- fix: update wirelogs endpoint to include API version by @akila-i in #3620
- feat: introduce
resource.workflowABAC condition by @binoyPeries in #3618 - test: add observability-plane e2e suites to extended e2e tests by @chathuranga95 in #3611
- test: fix e2e test OP values by @chathuranga95 in #3622
- test: add e2e test suite for occ CLI by @ChathurangaKCD in #3617
- test: update secret e2e to validate ExternalSecret name change on remoteRef update by @ChathurangaKCD in #3625
- test: add componentrelease and delete command coverage to occ e2e suite by @ChathurangaKCD in #3626
- test: add MCP server e2e test suite by @ChathurangaKCD in #3627
- test: add e2e test suite for OpenChoreo API endpoints by @ChathurangaKCD in #3628
- chore: update kubernetes version to 1.36 by @yashodgayashan in #3624
- feat: remove root access from workflow templates by @chalindukodikara in #3600
- test: add e2e test suite for authorization enforcement by @ChathurangaKCD in #3638
- fix: map release-next-vX.Y.Z branches to release-vX.Y for SAMPLES_BRANCH and cleanup branch after merge by @mevan-karu in #3645
- fix: add container args to openchoreo API e2e test fixtures by @ChathurangaKCD in #3647
- fix: use GITHUB_BASE_REF/GITHUB_REF_NAME for SAMPLES_BRANCH in CI by @mevan-karu in #3652
- docs: fix MCP tool deprecation notice link by @chathuranga95 in #3648
- chore: bump podman runner image to v1.2 by @chalindukodikara in #3653
- feat: use latest podman runner image in workflows by @chalindukodikara in #3658
- chore(deps): bump github/codeql-action from 4.35.5 to 4.36.0 by @dependabot[bot] in #3636
- chore(deps): bump docker/login-action from 4.1.0 to 4.2.0 by @dependabot[bot] in #3635
- chore(deps): bump github.com/cilium/cilium from 1.16.19 to 1.19.4 by @dependabot[bot] in #3633
- chore(deps): bump github.com/onsi/gomega from 1.40.0 to 1.41.0 by @dependabot[bot] in #3632
- chore(deps): bump golang.org/x/term from 0.42.0 to 0.43.0 by @dependabot[bot] in #3631
- chore(deps): bump google.golang.org/grpc from 1.80.0 to 1.81.1 by @dependabot[bot] in #3629
- chore(deps): bump github.com/google/cel-go from 0.26.1 to 0.28.1 by @dependabot[bot] in #3472
- chore(deps): bump github.com/getkin/kin-openapi from 0.138.0 to 0.139.0 by @dependabot[bot] in #3634
- chore(deps): bump fastapi from 0.135.1 to 0.135.3 in /rca-agent by @dependabot[bot] in #3043
- chore(deps): bump dawidd6/action-download-artifact from 20 to 21 by @dependabot[bot] in #3266
- chore(deps): bump alpine from
2510918to5b10f43in /cmd/occ by @dependabot[bot] in #3275 - chore(deps): bump ubuntu from 24.04 to 26.04 in /install/base-images by @dependabot[bot] in #3276
- chore(deps): bump alpine from
2510918to5b10f43in /install/quick-start by @dependabot[bot] in #3278 - chore(deps): bump uvicorn from 0.41.0 to 0.42.0 in /rca-agent by @dependabot[bot] in #2873
- chore(deps): bump langchain-mcp-adapters from 0.2.1 to 0.2.2 in /rca-agent by @dependabot[bot] in #2867
- chore(deps): bump langchain-openai from 1.2.1 to 1.2.2 in /rca-agent by @dependabot[bot] in #3044
- chore(deps): bump github.com/prometheus/common from 0.67.5 to 0.68.0 by @dependabot[bot] in #1916
- chore(deps): bump distroless/static from
e3f9456to963fa6cin /cmd/openchoreo-api by @dependabot[bot] in #3666 - chore(deps): bump distroless/static from
e3f9456to963fa6cin /cmd/observer by @dependabot[bot] in #3664 - chore(deps): bump distroless/static from
f512d81to963fa6cin /cmd/event-forwarder by @dependabot[bot] in #3663 - chore(deps): bump distroless/static from
e3f9456to963fa6cin /cmd/cluster-agent by @dependabot[bot] in #3662 - chore(deps): bump distroless/static from
e3f9456to963fa6cin /cmd/cluster-gateway by @dependabot[bot] in #3661 - chore(deps): bump distroless/static from
e3f9456to963fa6cby @dependabot[bot] in #3660 - test: add playwright ui e2e tests for backstage portal by @chathuranga95 in #3667
- test: add pe-ops, abac-ui, and pkce-login ui specs by @chathuranga95 in #3670
- feat: migrate gcp microservices demo redis to a Resource by @Mirage20 in #3623
- test: add playwright ui e2e tests for component config edits by @ChathurangaKCD in #3679
- ci: gate releases on parallel e2e tiers by @chathuranga95 in #3681
- test: add ui e2e coverage for config overrides, validation, and secret lifecycle by @ChathurangaKCD in #3682
- chore: add e2e test badge to README by @chathuranga95 in #3683
- chore(deps): bump actions/checkout from 6.0.2 to 6.0.3 by @dependabot[bot] in #3696
- chore(deps): bump actions/github-script from 7.1.0 to 9.0.0 by @dependabot[bot] in #3695
- chore(deps): bump langchain from 1.3.0 to 1.3.4 in /rca-agent by @dependabot[bot] in #3694
- chore(deps): bump fastapi from 0.135.3 to 0.136.3 in /rca-agent by @dependabot[bot] in #3692
- chore(deps): bump github.com/go-playground/validator/v10 from 10.30.2 to 10.30.3 by @dependabot[bot] in #3691
- chore(deps): bump modernc.org/sqlite from 1.50.1 to 1.51.0 by @dependabot[bot] in #3689
- chore(deps): update pyjwt[crypto] requirement from >=2.8.0 to >=2.13.0 in /rca-agent by @dependabot[bot] in #3690
- chore(deps): bump github.com/jackc/pgx/v5 from 5.9.2 to 5.10.0 by @dependabot[bot] in #3684
- chore(deps): bump mcp from 1.26.0 to 1.27.2 in /rca-agent by @dependabot[bot] in #3688
- chore(deps): bump argo-workflows from 0.45.2 to 1.0.14 in /install/helm/openchoreo-workflow-plane by @dependabot[bot] in #3665
- chore(deps): bump github/codeql-action from 4.36.0 to 4.36.1 by @dependabot[bot] in #3693
- chore(deps): bump github.com/knadh/koanf/v2 from 2.3.4 to 2.3.5 by @dependabot[bot] in #3686
- chore(deps): update sqlalchemy[asyncio] requirement from >=2.0.0 to >=2.0.50 in /rca-agent by @dependabot[bot] in #3685
- test: record ui e2e failure videos and screenshots at higher resolution by @chathuranga95 in #3698
- fix(helm): resolve webhook race condition on first install by @StereoSachiiii in #3606
- feat: expose endpoint schema resources to templates via an opt-in CEL macro by @NomadXD in #3671
- test: reduce duplicate tier3 e2e fixtures by @chathuranga95 in #3701
- feat: add build cache by @chalindukodikara in #3675
- fix(helm): align control plane pdb selectors by @prdai in #3449
- fix: handle existing releases in deployTo e2e page object by @ChathurangaKCD in #3702
- fix: sanitize Authorization header before routing to k8s API in cluster-agent by @MuhanedYahya in #3703
- test: trigger builds upfront to execute builds concurrently by @chathuranga95 in #3707
- refactor: move agent services under agents/ and align names by @rashadism in #3706
- chore: add end to end test readmes by @chathuranga95 in #3708
- chore(deps): bump uvicorn from 0.46.0 to 0.49.0 in /agents/portal-assistant by @dependabot[bot] in #3718
- chore(deps): bump uvicorn from 0.42.0 to 0.49.0 in /agents/sre-agent by @dependabot[bot] in #3719
- chore(deps): bump langchain from 1.2.17 to 1.3.4 in /agents/portal-assistant by @dependabot[bot] in #3717
- chore(deps): bump fastapi from 0.136.1 to 0.136.3 in /agents/portal-assistant by @dependabot[bot] in #3716
- chore(deps): update sqlalchemy[asyncio] requirement from >=2.0.0 to >=2.0.50 in /agents/finops-agent by @dependabot[bot] in #3715
- chore(deps): bump langchain from 1.2.16 to 1.3.4 in /agents/finops-agent by @dependabot[bot] in #3710
- chore(deps): bump pydantic-settings from 2.14.0 to 2.14.1 in /agents/finops-agent by @dependabot[bot] in #3711
- chore(deps): bump github/codeql-action from 4.36.1 to 4.36.2 by @dependabot[bot] in #3713
- chore(deps): bump fastapi from 0.136.1 to 0.136.3 in /agents/finops-agent by @dependabot[bot] in #3712
- chore(deps): bump uvicorn from 0.46.0 to 0.49.0 in /agents/finops-agent by @dependabot[bot] in #3714
- chore: improve extended e2e test suite to use a multi-cluster setup by @mevan-karu in #3720
- test: scope Deploy-graph Promote locator to the canvas by @chathuranga95 in #3735
- ci: add workflow to label community issues and PRs by @rashadism in #3732
- test: add quick start guide smoke test e2e workflow by @chathuranga95 in #3734
- feat: add secret CRUD permission to default role PE by @binoyPeries in #3741
- fix(cli): validate --project against component owner in workflow run by @rashadism in #3740
- feat(helm): add GitHub Actions external CI integration for Backstage by @niklasbeinghaus in #3641
- fix: correct opensearch pod selector in check-status.sh by @rashadism in #3745
- fix: prevent webhook downtime during controller-manager rolling upgrades by @rashadism in #3743
- test: add e2e tests for namespace creation, viewing and deletion by @mevan-karu in #3733
- feat: add k8s events querying functionality in observer API by @akila-i in #3738
- chore: add quick start test to e2e gate workflow by @chathuranga95 in #3749
- test: reload to re-query project relation in pe-ops namespace spec by @chathuranga95 in #3750
- test: add full CRUD e2e specs for all PE-ops CRDs by @ChathurangaKCD in #3748
- chore(deps): bump codecov/codecov-action from 6.0.1 to 7.0.0 by @dependabot[bot] in #3747
- fix: add validation to restrict replica count for 1 in cluster gateway by @yashodgayashan in #3761
- fix: namespace mgt ui e2e test failure by @mevan-karu in #3751
- test: add e2e ui test for trait management and trait attachment by @mevan-karu in #3764
- feat: expose data plane annotations to the render context by @isala404 in #3754
- fix: scope save-error alert locator to fix flaky pe-ops yaml editor test by @chathuranga95 in #3772
- chore: pin builder, run, and lifecycle images by digest by @chalindukodikara in #3771
- chore: add image digests to build cache and registry cache by @chalindukodikara in #3774
- ci: run all e2e legs nightly via the gate by @chathuranga95 in #3767
- test: stabilize tier3 multi-cluster e2e against API server starvation by @chathuranga95 in #3773
- test: add e2e ui tests for observability logs, traces and metrics views by @mevan-karu in #3775
- fix(helm): avoid rendering replicas when HPA is enabled by @MenukaPerera42 in #3281
- feat: support build and runtime fix prompt by @yashodgayashan in #3763
- test: fix trait attach and detach test failures by @mevan-karu in #3783
- feat: add Kubernetes events collection to observability plane by @akila-i in #3781
- fix(helm): align selectors with pod labels by @MenukaPerera42 in #3385
- chore(deps): bump langchain-mcp-adapters from 0.2.2 to 0.3.0 in /agents/sre-agent by @dependabot[bot] in #3797
- chore(deps): bump golang.org/x/term from 0.43.0 to 0.44.0 by @dependabot[bot] in #3785
- chore(deps): bump langchain-openai from 1.2.1 to 1.3.0 in /agents/finops-agent by @dependabot[bot] in #3787
- chore(deps): bump langchain from 1.3.4 to 1.3.7 in /agents/finops-agent by @dependabot[bot] in #3788
- chore(deps): bump authlib from 1.7.1 to 1.7.2 in /agents/finops-agent by @dependabot[bot] in #3790
- chore(deps): bump langchain-openai from 1.2.1 to 1.3.0 in /agents/portal-assistant by @dependabot[bot] in #3792
- chore(deps): bump langchain from 1.3.4 to 1.3.7 in /agents/portal-assistant by @dependabot[bot] in #3793
- test: fix ClusterTrait catalog wait and pkce-login diagnostics by @chathuranga95 in #3798
- chore(deps): bump langchain-mcp-adapters from 0.2.2 to 0.3.0 in /agents/finops-agent by @dependabot[bot] in #3789
- chore(deps): bump langchain-mcp-adapters from 0.2.2 to 0.3.0 in /agents/portal-assistant by @dependabot[bot] in #3794
- chore(deps): bump langchain from 1.3.4 to 1.3.7 in /agents/sre-agent by @dependabot[bot] in #3795
- chore(deps): bump langchain-openai from 1.2.2 to 1.3.0 in /agents/sre-agent by @dependabot[bot] in #3796
- chore(deps): bump pytest-asyncio from 1.3.0 to 1.4.0 in /agents/portal-assistant by @dependabot[bot] in #3791
- feat(helm): add timeout policies to Backstage wirelogs streaming route by @akila-i in #3800
- chore: hide deprecated cluster-prefixed tools by default by @chathuranga95 in #3804
- refactor(api): make pod logs max size configurable by @chamodshehanka in #3078
- chore: bump version to 1.2.0-m1 by @openchoreo-release-bot[bot] in #3784
- chore: bump version to 1.2.0-m.1 by @openchoreo-release-bot[bot] in #3814
- docs: add changelog entries for v1.2.0-m.1 by @kaviththiranga in #3821
New Contributors
- @ThusharaSampath made their first contribution in #2955
- @Analect made their first contribution in #3219
- @AnoshanJ made their first contribution in #3231
- @prdai made their first contribution in #3375
- @StereoSachiiii made their first contribution in #3606
- @MuhanedYahya made their first contribution in #3703
- @niklasbeinghaus made their first contribution in #3641
- @MenukaPerera42 made their first contribution in #3281
- @chamodshehanka made their first contribution in #3078
Full Changelog: v1.0.0...v1.2.0-m.1
Contributors
kaviththiranga, tishan89, and 31 other contributors