Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Update Helm chart traefik to v33 #321

Open
wants to merge 1 commit into
base: main
Choose a base branch
from
Open

Update Helm chart traefik to v33 #321

wants to merge 1 commit into from

Conversation

renovate[bot]
Copy link
Contributor

@renovate renovate bot commented Oct 30, 2024
edited
Loading

This PR contains the following updates:

Package Update Change
traefik (source) major 24.0.0 -> 33.0.0

Release Notes

traefik/traefik-helm-chart (traefik)

v33.0.0

Compare Source

Upgrade Notes

There are multiple breaking changes in this release:

  1. The default port of traefik entrypoint has changed from 9000 to 8080, just like the Traefik Proxy default port
    • You may have to update probes accordingly (or set this port back to 9000)
  2. publishedService is enabled by default on Ingress provider
    • You can disable it, if needed
  3. The POD_NAME and POD_NAMESPACE environment variables are now set by default, without values.
    • It is no longer necessary to add them in values and so, it can be removed from user values.
  4. In values, certResolvers specific syntax has been reworked to align with Traefik Proxy syntax.
    • PR #​1214 contains a complete before / after example on how to update values
  5. Traefik Proxy 3.2 supports Gateway API v1.2 (standard channel)
    • It is recommended to check that other software using Gateway API on your cluster are compatible
    • The Gateway API CRD upgrade may fail even with Flux, Argo or other CD tool
    • See release notes of gateway API v1.2 on how to upgrade their CRDs and avoid issues about invalid values on v1alpha2 version

The CRDs needs to be updated, as documented in the README.

ℹ️ A separate helm chart, just for CRDs, is being considered for a future release. See PR #​1123

⚠ BREAKING CHANGES
  • Env Variables: allow extending env without overwrite
  • certificateResolvers: 💥 🐛 use same syntax in Chart and in Traefik
  • Kubernetes Ingress: 💥 ✨ enable publishedService by default
  • Traefik: 💥 set 8080 as default port for traefik entrypoint
Features
  • Gateway API: ✨ add infrastructure in the values (2b28f7b)
  • Gateway API: ✨ standard install CRD v1.2.0 (4432f3c)
  • Traefik Proxy: update traefik docker tag to v3.2.0 (323e139)
  • Traefik Proxy: ✨ support Gateway API statusAddress (e7dcac1)
  • Traefik Proxy: CRDs for v3.2+ (d3c6d4c)
Bug Fixes
  • certificateResolvers: 💥 🐛 use same syntax in Chart and in Traefik (016822d)
  • Env Variables: allow extending env without overwrite (20f54b6)
  • Gateway API: 🐛 add missing required RBAC for v3.2 with experimental Channel (b872549)
  • schema: 🐛 targetPort can also be a string (12fee7e)
  • use correct children indentation for logs.access.filters (59073ef)
  • Kubernetes Ingress: 💥 ✨ enable publishedService by default (f7a96da)
  • Traefik: 💥 set 8080 as default port for traefik entrypoint (2b32ce7)
  • Traefik Hub: RBAC for distributedAcme (74abfee)
  • 🐛 http3 with internal service (7558e63)

New Contributors

v32.1.1

Compare Source

32.1.1 (2024-10-11)
Features
  • deps: update traefik docker tag to v3.1.6 (37f9f12)
Bug Fixes
  • schema: 🐛 targetPort can also be a string (c64c50a)

v32.1.0

Compare Source

Features
  • deps: update traefik docker tag to v3.1.5 (3b1860c)
  • Traefik Proxy: update rbac following v3.2 migration guide (cae906e)
Bug Fixes
  • 🐛 set disableIngressClassLookup until 3.1.4 (7c81ff5)

v32.0.0

Compare Source

⚠ BREAKING CHANGES

  • Traefik Hub. See release notes for more details.
    • CRD has to be updated before upgrading the Chart
    • There is a breaking change on how Redis is configured
Fixes
Features
  • Traefik Hub: add APIPlans and APIBundles CRDs (87d206e)
New Contributors

Full Changelog: traefik/traefik-helm-chart@v31.1.1...v32.0.0

v31.1.1

Compare Source

31.1.1 (2024-09-20)
Features
  • deps: update traefik docker tag to v3.1.4 (51b46ba)
Bug Fixes
  • 🐛 updateStrategy behavior (6c1c8c3)

v31.1.0

Compare Source

Features
  • ✨ input validation using schema (cf703c7)
  • ✨ add AllowACMEByPass and improve schema/doc on ports values (458cab9)
  • Traefik Hub: add new webhooks and removes unnecessary ones (d7c3622)
  • deps: update traefik docker tag to v3.1.3 (1ecf803)
Bug Fixes
  • 🐛 update CRD to v3.1 (2dc2253)

v31.0.0

Compare Source

⚠ BREAKING CHANGES
  • 🐛 set allowEmptyServices to true by default
  • CRDs needs to be upgraded for Traefik Hub users
    • kubectl apply --server-side --force-conflicts -k https://github.com/traefik/traefik-helm-chart/traefik/crds/
Features
  • Traefik Hub: update CRDs to v1.7.0 (aa18d47)
Bug Fixes
  • HTTP3: split udp and tcp Service when service.single is false (24acadf)
  • 🐛 set allowEmptyServices to true by default (2324766)
  • Traefik Hub: update CRDs to v1.5.0 (ee3537a)

v30.1.0

Compare Source

Features
  • ✨ rework namespaced RBAC with disableClusterScopeResources (5b54cf7)
  • deps: update traefik docker tag to v3.1.2
  • deps: update traefik docker tag to v3.1.1
Bug Fixes
  • disable default HTTPS listener for gateway (f90f16e)
  • Gateway API: use Standard channel by default (ccdb66b)
  • Gateway API: wildcard support in hostname (93d1717)

v30.0.2

Compare Source

30.0.2 (2024-07-30)
Features
  • Traefik Hub: 🍻 add E2E tests on RBACs change (dd3bee0)
Bug Fixes
  • Traefik Hub: missing RBACs for Traefik Hub (ed80c4c)

v30.0.1

Compare Source

30.0.1 (2024-07-29)
Bug Fixes
  • Traefik Hub: RBACs missing with API Gateway (747f833)
  • Traefik Hub: support new RBACs for upcoming traefik hub release (0e81ea2)

v30.0.0

Compare Source

Upgrade notes

This release comes with a breaking change ⚠️ on how to configure Gateway with values (#​1133).
This release supports Traefik Proxy v3.0, v3.1 and Traefik Hub v3.3

Features
  • ✨ display release name and image full path in installation notes (b77d53d)
  • handle log filePath and noColor (51fc564)
  • use single ingressRoute template (9240475)
  • deps: update traefik docker tag to v3.1.0
Bug Fixes
  • 🐛 ingressroute default name (a494617)
  • can't set gateway name (13d302d)
  • namespaced RBACs hub api gateway (50c24e5)
  • remove version in OCI documentation (d613258)
  • Gateway API: provide expected roles when using namespaced RBAC (abc6310)
  • Gateway API: revamp Gateway implementation (5f2705d)
Documentation
  • EXAMPLES: 📚️ improve wording on dashboard access without exposing it (2b03ee8)

v29.0.1

Compare Source

29.0.1 (2024-07-09)
Features
  • ✨ publish chart on OCI registry (deaddf5)
Bug Fixes
  • RBACs for hub and disabled namespaced RBACs (0827106)
  • semverCompare failing on some legitimate tags (143b96f)

v29.0.0

Compare Source

Upgrade Notes

This is a major breaking upgrade. Migration guide from v3.0 to v3.1rc has been applied on this chart.

This release supports both Traefik Proxy v3.0.x and v3.1rc.

It comes with those ⚠️ breaking changes ⚠️ :

  • Far better support on Gateway API v1.1: Gateway, GatewayClass, CRDs & RBAC (#​1107)
  • Many changes on CRDs & RBAC (#​1072 & #​1108)
  • Refactor on Prometheus Operator support. Values has changed (#​1114)
  • Dashboard IngressRoute is now disabled by default (#​1111)

CRDs needs to be upgraded: kubectl apply --server-side --force-conflicts -k https://github.com/traefik/traefik-helm-chart/traefik/crds/

Features
  • ✨ migrate to endpointslices rbac (0449b0b)
  • ✨ update CRDs & RBAC for Traefik Proxy (228c4e4)
  • allow to set hostAliases for traefik pod (42e5745)
  • dashboard: dashboard IngressRoute should be disabled by default (d9b856a)
  • providers: add nativeLBByDefault support (e75a85c)
  • providers: improve kubernetesGateway and Gateway API support (2eb640a)
  • workflow: add oci push (aa3022a)
  • deps: update traefik docker tag to v3.0.4
  • deps: update traefik docker tag to v3.0.3
Bug Fixes
  • dashboard: Only set ingressClass annotation when kubernetesCRD provider is listening for it (f142f6c)
  • rbac: nodes API permissions for Traefik v3.1+ (647439d)
  • allow multiples values in the secretResourceNames slice (24978e8)
  • 🐛 improve error message on additional service without ports (d4cab24)
  • prometheus operator settings (7d3a90d)
Documentation
  • fix typos and broken link (e43afd4)
New Contributors

v28.3.0

Compare Source

Features
  • allow setting permanent on redirectTo (1b454e9)
Bug Fixes

New Contributors

Full Changelog: traefik/traefik-helm-chart@v28.2.0...v28.3.0

v28.2.0

Compare Source

⚠️ This release align to Kubernetes default (Always) for podSecurityContext.fsGroupChangePolicy. It was OnRootMismatch in previous release of this chart. It can easily be set (back) to OnRootMismatch if needed, see EXAMPLES.

Features
Bug Fixes
  • IngressClass: provides annotation on IngressRoutes when it's enabled (f5de0c3)
New Contributors

Full Changelog: traefik/traefik-helm-chart@v28.1.0...v28.2.0

v28.1.0

Compare Source

Features
  • Traefik Hub: add initial support for API Gateway (dc5c68d)
  • Traefik Hub: use Traefik Proxy otlp config (a910db4)
Bug Fixes
  • Traefik Hub: refine support (60d210d)
  • Traefik Hub: do not deploy mutating webhook when enabling only API Gateway (cb2a98d)
Documentation
  • example: Update Digital Ocean PROXY Protocol (9850319)
  • 📚️ improve UPGRADING section (54ec665)

v28.0.0

Compare Source

⚠ BREAKING CHANGES
Features
  • podtemplate: set GOMEMLIMIT, GOMAXPROCS when limits are defined (e4f2aa8)
  • 💥 initial support of Traefik Proxy v3 (536059d)
  • ✨ add support of experimental-v3.0 unstable version (579984c)
  • ✨ fail gracefully when required port number is not set (f8be5e1)
  • ports: add transport options (47e0f28)
  • ability to override liveness and readiness probe paths (ea95df0)
Bug Fixes
  • 🐛 logs filters on status codes (c204014)
  • 🐛 only expose http3 port on service when TCP variant is exposed (2d6243d)
Styles
  • 🎨 consistent capitalization on --entryPoints CLI flag (b1f6f96)
Documentation
  • 📚️ improve EXAMPLES on acme resolver (2252aba)

New Contributors

v27.0.2

Compare Source

27.0.2 (2024-04-12)
Upgrade Notes

This release comes with an important fix for https://github.com/traefik/traefik/issues/10598 introduced in v2.11.1, see upstream release notes.

Features
  • feat: ✨ update Traefik Proxy to v2.11.2 (#​1034)

v27.0.1

Compare Source

27.0.1 (2024-04-11)
Upgrade notes

🚨 Traefik Proxy v2.11.1 introduces lingeringTimeout, see https://github.com/traefik/traefik/pull/10569, that can be breaking for server-first protocols. This new setting can be set with additionalArguments.

Features
  • release v27.0.1 with Traefik Proxy to v2.11.1 (4dadd66)

v27.0.0

Compare Source

⚠ BREAKING CHANGES
  • 💥 refactor custom services and port exposure (7e349d4)

Upgrade notes

Custom services and port exposure have been redesigned, requiring the following changes:

  • if you were overriding port exposure behavior using the expose or exposeInternal flags, you should replace them with a service name to boolean mapping, i.e. replace this:
ports:
   web:
      port: 80
      expose: false
      exposeInternal: true

with this:

ports:
   web:
      port: 80
      expose:
         default: false
         internal: true
  • if you were previously using the service.internal value, you should migrate the values to the service.additionalServices.internal value instead; this should yield the same results, but make sure to carefully check for any changes!
Features
  • restrict access to secrets (8fbae97)
Bug Fixes
  • rbac: do not create clusterrole for namespace deployment on Traefik v3 (d0f3442)
  • remove null annotations on dashboard IngressRoute (606ab52)
  • use hostIP also on entrypoint and healthChecks when set (82a3cab)

New Contributors

Full Changelog: traefik/traefik-helm-chart@v26.1.0...v27.0.0

v26.1.0

Compare Source

Important notice

ℹ️ CRDs has been updated in this release. On Traefik v2, there is no new or removed field, just description format update by upstream library.

⚠️ This Chart does not support Traefik v3 beta and rc versions.

Features
  • update traefik docker tag to v2.11.0 (843d1d7)
  • allow exposure of ports on internal service only (d9f4731)
  • create v1 Gateway and GatewayClass Version for Traefik v3 (85697f0)
  • set runtimeClassName on pod spec (c07d55c)
Bug Fixes
  • 🐛 missing quote on experimental plugin args (e7ce1b4)
  • 🐛 set runtimeClassName at pod level (3d76d3e)
  • update traefik v3 serverstransporttcps CRD (e404db9)

v26.0.0

Compare Source

Breaking Changes

This release can be breaking for:

Features
  • 💥 unify plugin import between traefik and this chart (cbddacb)
  • 💥 deployment.podannotations support interpolation with tpl (d31b991)
  • add file provider (ddd6cee)
  • allow defining startupProbe (f061628)
  • allow update of namespace policy for websecure listener (2045843)
Bug Fixes
  • 🐛 declare http3 udp port, with or without hostport (76dcb02)
  • 🐛 improve confusing suggested value on openTelemetry.grpc (6a6efc1)

New Contributors

Full Changelog: traefik/traefik-helm-chart@v25.0.0...v26.0.0

v25.0.0

Compare Source

The two breaking changes are:

  1. On redirectTo, ports.web.redirectTo=websecure => ports.web.redirectTo.port=websecure.
  2. On gateway, all values are now flattened to experimental.kubernetesGateway.
Features
Bug Fixes
  • 🐛 remove old CRDs using traefik.containo.us (6484a40)
  • add missing separator in crds (ba67d9b)
  • add Prometheus scraping annotations only if serviceMonitor not created (6b2268f)
  • allow updateStrategy.rollingUpdate.maxUnavailable to be passed in as an int or string (0dcc834)
  • detect correctly v3 version when using sha in image.tag (1f043da)
  • disable ClusterRole and ClusterRoleBinding when not needed (14d4895)
Reverts
  • "fix: 🐛 remove old CRDs using traefik.containo.us" (bf75a5d)
Documentation
  • 📚️ how to use this chart as a dependency (18c9d45)
  • fix typo in README (d1a2770)
  • Fix typo in the default values file (607b808)
  • remove email from apiToken in CloudFlare example (9b9f306)

New Contributors

Full Changelog: traefik/traefik-helm-chart@v24.0.0...v25.0.0

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

  • If you want to rebase/retry this PR, check this box

This PR was generated by Mend Renovate. View the repository job log.

@renovate
Update Helm chart traefik to v33
b983f7d 
| datasource | package | from   | to     |
| ---------- | ------- | ------ | ------ |
| helm       | traefik | 24.0.0 | 33.0.0 |
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
dependency/major renovate/helm-chart renovate
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
0 participants