diff --git a/.github/workflows/knative-go-build.yaml b/.github/workflows/knative-go-build.yaml index 0ecbdbccba..10c3de1a1e 100644 --- a/.github/workflows/knative-go-build.yaml +++ b/.github/workflows/knative-go-build.yaml @@ -1,7 +1,7 @@ # Copyright 2020 The Knative Authors. # SPDX-License-Identifier: Apache-2.0 -# This file is automagically synced here from github.com/knative-sandbox/knobots +# This file is automagically synced here from github.com/knative-extensions/knobots name: Build diff --git a/.github/workflows/knative-go-test.yaml b/.github/workflows/knative-go-test.yaml index 52a2d60edd..75d921e216 100644 --- a/.github/workflows/knative-go-test.yaml +++ b/.github/workflows/knative-go-test.yaml @@ -1,7 +1,7 @@ # Copyright 2022 The Knative Authors. # SPDX-License-Identifier: Apache-2.0 -# This file is automagically synced here from github.com/knative-sandbox/knobots +# This file is automagically synced here from github.com/knative-extensions/knobots name: Test diff --git a/.github/workflows/knative-security.yaml b/.github/workflows/knative-security.yaml index 4a0848ca6a..a6cd68137a 100644 --- a/.github/workflows/knative-security.yaml +++ b/.github/workflows/knative-security.yaml @@ -1,7 +1,7 @@ # Copyright 2020 The Knative Authors. # SPDX-License-Identifier: Apache-2.0 -# This file is automagically synced here from github.com/knative-sandbox/knobots +# This file is automagically synced here from github.com/knative-extensions/knobots name: 'Security' diff --git a/.github/workflows/knative-stale.yaml b/.github/workflows/knative-stale.yaml index e46461c1ef..2e25b9d99a 100644 --- a/.github/workflows/knative-stale.yaml +++ b/.github/workflows/knative-stale.yaml @@ -1,7 +1,7 @@ # Copyright 2020 The Knative Authors. # SPDX-License-Identifier: Apache-2.0 -# This file is automagically synced here from github.com/knative-sandbox/knobots +# This file is automagically synced here from github.com/knative-extensions/knobots name: 'Close stale' on: diff --git a/.github/workflows/knative-style.yaml b/.github/workflows/knative-style.yaml index 7ca9e60244..55bb1537cc 100644 --- a/.github/workflows/knative-style.yaml +++ b/.github/workflows/knative-style.yaml @@ -1,7 +1,7 @@ # Copyright 2020 The Knative Authors. # SPDX-License-Identifier: Apache-2.0 -# This file is automagically synced here from github.com/knative-sandbox/knobots +# This file is automagically synced here from github.com/knative-extensions/knobots name: Code Style diff --git a/.github/workflows/knative-verify.yaml b/.github/workflows/knative-verify.yaml index 28a4af54bc..e1a28c4f50 100644 --- a/.github/workflows/knative-verify.yaml +++ b/.github/workflows/knative-verify.yaml @@ -12,8 +12,8 @@ # See the License for the specific language governing permissions and # limitations under the License. -# This file is automagically synced here from github.com/knative-sandbox/.github -# repo by knobots: https://github.com/knative-sandbox/knobots and will be overwritten. +# This file is automagically synced here from github.com/knative-extensions/.github +# repo by knobots: https://github.com/knative-extensions/knobots and will be overwritten. name: Verify diff --git a/OWNERS_ALIASES b/OWNERS_ALIASES index ba495bfd21..ad7e618bc2 100644 --- a/OWNERS_ALIASES +++ b/OWNERS_ALIASES @@ -49,6 +49,7 @@ aliases: - odacremolbap - pierDipi func-reviewers: + - gauron99 - jrangelramos - nainaz func-writers: diff --git a/blog/config/nav.yml b/blog/config/nav.yml index a6c7b3d616..2120512160 100644 --- a/blog/config/nav.yml +++ b/blog/config/nav.yml @@ -17,6 +17,7 @@ nav: - Blog: - index.md - Releases: + - releases/announcing-knative-v1-11-release.md - releases/announcing-knative-v1-10-release.md - releases/announcing-knative-v1-9-release.md - releases/announcing-knative-v1-8-release.md @@ -46,6 +47,7 @@ nav: - releases/announcing-knative-v0-2-release.md - Articles: - articles/knative-eventing-vision.md + - articles/new_event_discovery_features.md - articles/getting-started-blog-p1.md - articles/getting-started-blog-p0.md - articles/improved-ha-configuration.md diff --git a/blog/docs/articles/new_event_discovery_features.md b/blog/docs/articles/new_event_discovery_features.md new file mode 100644 index 0000000000..4595e4e7cb --- /dev/null +++ b/blog/docs/articles/new_event_discovery_features.md @@ -0,0 +1,81 @@ +# Better Developer experience with improved event discovery in Knative + +**Authors: David Simansky, Senior Software Engineer @ Red Hat, Matthias Weßendorf, Senior Principal Software Engineer @ Red Hat** + +**Date: 2023-07-26** + +_In this blog post you will learn about the new enhancements in Knative Eventing around event discovery._ + +Event discovery is an important part of event-driven applications, since it allows developers to better understand system dynamics and what events to consume. It does enable a more efficient and robust application design. + +### Knative Event Type API enhancements + +With the latest 1.11 release of Knative Eventing there were a few improvements related to improved Event discovery: + +* `EventType` API bumped to `v1beta2` +* Making use of `reference`s to point to any Resource like Channels or Sinks, not just brokers +* Enhance build-in Sources to create eventypes for any binding, not just brokers. +* Automatic EvenType creation for Brokers and Channels + +#### EventType API changes and version bump + +After a couple of years being on version `v1beta1` the `EventType` API in Knative has changed and was bumped to `v1beta2`. The version bump did not come alone, it was combined with an overhaul for improved developer experience. It is now possible to point to any resource from an Event type object, instead of being only restricted to broker objects. + +### Referencing other resources + +The new version is marking the `broker` field as deprecated and it will be removed in a future release, instead we now have the `reference` field which takes any `KReference` API type, being able to point to any sink, channel or the broker as well. Let's take a look at the new `EventType` object: + +```yaml +apiVersion: eventing.knative.dev/v1beta2 +kind: EventType +metadata: + name: dev.knative.source.github.push-sss34cnb + namespace: default +spec: + type: dev.knative.source.github.push + source: https://github.com/knative/eventing + reference: + apiVersion: messaging.knative.dev/v1 + kind: InMemoryChannel + name: testchannel +``` + +The status was also changed, since we do just require the reference to be existing, instead of being also ready itself. + +#### Duck Sources + +The above enhancement did allow an additional change for the build-in sources, or any source that is compliant to the Sources Duck type. For instance until previous releases `EventType` objects where only created automatically when the source was pointing to a broker, because of the above restriction. Now those are created for any referenced sink, on the source, like: + +```yaml +apiVersion: sources.knative.dev/v1 +kind: PingSource +metadata: + name: ping-source-broker2 +spec: + schedule: "*/1 * * * *" + data: '{"message": "Hello world!"}' + sink: + ref: + apiVersion: v1 + kind: Service + name: log-receiver +``` + +This results in an auto-created event type, like: + +```bash +k get eventtypes.eventing.knative.dev -A +NAMESPACE NAME TYPE SOURCE SCHEMA REFERENCE NAME REFERENCE KIND DESCRIPTION READY REASON +default 93774a924a741245a94313745d78e69f dev.knative.sources.ping /apis/v1/namespaces/default/pingsources/ping-source-broker2 log-receiver Service True +``` +#### Auto Event Type creation + +Furthermore to improve the experience with consumption and creation of `EventTypes`, there's a new experimental feature to automatically create `EventTypes` objects based on processed events on the broker ingress and in-memory channels. Instead of manually creating them as yaml manifests along the application code that talks to the Broker or Channel API. This behaviour can be enabled by feature flag `eventtype-auto-creation` in `config-features` ConfigMap. For futher details and examples please refer to [the documentation](https://knative.dev/docs/eventing/experimental-features/eventtype-auto-create/). + + + +### Conclusion + +This blog post introduced new features and improvements to `EventType` discoroverability. The main motivation is to harden the position of developer's insight into the event-driven applications to ease up the discovery and speed up development. + +We look forward from the community to further enhance `EventType` API and discoverability. Please reach out on the CNCF Slack's [#knative-eventing](https://cloud-native.slack.com/archives/C04LMU33V1S) or GitHub [issues](https://github.com/knative/eventing/issues). diff --git a/blog/docs/index.md b/blog/docs/index.md index 8542afd7d0..3558922a53 100644 --- a/blog/docs/index.md +++ b/blog/docs/index.md @@ -22,6 +22,11 @@ Follow this blog to keep up-to-date with Knative. ## Featured Posts +### Knative 1.11 is out! +Details on the 1.11 release of the Knative project. + +[Read more :octicons-arrow-right-24:](releases/announcing-knative-v1-11-release.md){ .md-button } + ### Knative at KubeCon + CloudNativeCon Europe 2023 We are looking forward to seeing you all there. @@ -33,11 +38,6 @@ This is a big milestone for our project and we are excited to join the [CNCF](ht [Read more :octicons-arrow-right-24:](steering/cncf.md){ .md-button } -### Knative 1.8 is out! -Details on the 1.8 release of the Knative project. - -[Read more :octicons-arrow-right-24:](releases/announcing-knative-v1-8-release.md){ .md-button } - ### Highlighting the value of Knative for the c-suite Deploy faster and more cost-effectively without hard-to-find, specialized expertise. Knative—building on Kubernetes—supports serverless code development and deployment. This allows your developers to focus on creating code and deploying resilient applications fast without having to become experts on Kubernetes... diff --git a/blog/docs/releases/announcing-knative-v1-11-release.md b/blog/docs/releases/announcing-knative-v1-11-release.md new file mode 100644 index 0000000000..a34b2c4cd9 --- /dev/null +++ b/blog/docs/releases/announcing-knative-v1-11-release.md @@ -0,0 +1,156 @@ +--- +title: "v1.11 release" +linkTitle: "v1.11 release" +author: "[Pierangelo Di Pilato (Red Hat)](https://github.com/pierDipi), [David Simansky (Red Hat)](https://github.com/dsimansk), [Christoph Stäbler (Red Hat)](https://github.com/creydr), [Stavros Kontopoulos (Red Hat)](https://github.com/skonto), [Vishal Choudhary (individual contributor)](https://github.com/Vishal-Chdhry)" +author handle: https://github.com/pierDipi https://github.com/dsimansk https://github.com/creydr https://github.com/skonto https://github.com/Vishal-Chdhry +date: 2023-07-25 +description: "Knative v1.11 release announcement" +type: "blog" +--- + +# Announcing Knative 1.11 Release + +A new version of Knative is now available across multiple components. + +Follow the instructions in [Installing Knative](https://knative.dev/docs/install/) to install the components you require. + +This release brings a number of smaller improvements to the core Knative Serving and Eventing components, and several improvements to specific plugins. + +## Table of Contents + +- [Serving](#serving) +- [Eventing](#eventing) +- [`kn` CLI](#client) +- [Functions](#functions) +- [Knative Operator](#operator) + +## Serving + +[Release Notes](https://github.com/knative/serving/releases/tag/knative-v1.11.0) + +### 🚨 Breaking or Notable +- Activator uses TLS 1.3 as the minimum version when internal encryption is activated for communication with queue-proxy (#13887, @izabelacg) +- Domain mapping controller logic is now merged with the Serving controller. Domainmapping webhook is merged with the Serving webhook. (#14082, @skonto) +- DomainMapping/v1alpha1 is deprecated - use v1beta1 APIs (#14058, @dprotaso) + +### 💫 New Features & Changes +- A new flag is introduced `queueproxy.resource-defaults` that sets resource requests, limits for Queue Proxy when enabled (applies only to cpu and memory). (#14039, @skonto) +- Activator now has a separate service account, reducing its privileges to the required minimum. (#14133, @davidhadas) +- Queue proxy resources can be configured via annotations at the service level. The resource percentage annotation is now deprecated. (#14038, @skonto) +- Sets DefaultDomain to cluster's domain instead of hardcoded `svc.cluster.local` (#13964, @kauana) + + +### 🐞Bug Fixes +- Autoscaler metric are validated with global autoscaling class if no class annotation is set. (#13978, @xtreme-vikram-yadav) +- Drop `cluster-autoscaler.kubernetes.io/safe-to-evict` annotations on our control plane to allow nodes to drain (#14035, @dprotaso) +- Fix activator load balancing when using unbounded concurrency and when you have two instances of a revision (#14028, @dprotaso) +- Queue proxy metrics reporting period is now supported for both prometheus and opencensus. + This allows fine-grained control of how often metrics are exported via a new config map attribute. (#14019, @skonto) +- Tag to digest min TLS version is 1.2 and can be configured higher using the controller environment variable `TAG_TO_DIGEST_TLS_MIN_VERSION` and supports values `"1.2"` and `"1.3"` (#13962, @dprotaso) + +## Eventing + +[Release Notes](https://github.com/knative/eventing/releases/tag/knative-v1.11.0) + +##@ 💫 New Features & Changes + +- Updated mtping TLS cert test to bind to free port (#7036, @Cali0707) +- Add TLS support for mt-broker-filter (#6940, @creydr) +- Adding v1beta2 version for EventType and type conversion (#6903, @matzew) +- ApiServerSource supports sending events to TLS endpoints, minimum TLS version is v1.2 (#6956, @pierDipi) +- ContainerSource supports sending events to TLS endpoints, minimum TLS version is v1.2 (#6957, @vishal-chdhry) +- Even Type auto-create feature: + - Based on CloudEvents processed in an inmemorychannel corresponding `EventType` resources are created in the namespace (#7089, @Cali0707) + - Feature flag to enable: `eventtype-auto-create` in `configmap/config-features` + - Based on CloudEvents processed in a broker corresponding `EventType` resources are created in the namespace (#7034, @dsimansk) +- EventType v1b2 on sources `duck` controller/reconciler used (#6962, @matzew) +- EventType v1beta2 usage on the reconciler (#6949, @matzew) +- Do not parse flags in InitializeEventingFlags (#6966, @mgencur) +- PingSource supports sending events to TLS endpoints, minimum TLS version is v1.2 (#6965, @pierDipi) +- Source duck compliant source now create EventTypes for KResources, not just brokers (#7032, @matzew) +- The ApiServerSource controller now sets the K_CA_CERTS environment variable when creating the adapter and the sink has CACerts defined. (#6897, @vishal-chdhry) +- The ApiServerSource controller now sets the K_CA_CERTS environment variable when creating the adapter and the sink has CACerts defined. (#6920, @vishal-chdhry) +- The BROKER field of the EventType is deprecated, and is replaced by a KRef reference, pointing to the broker. In the future Knative will be able to support other addressables with EventType, instead of just a broker (#6870, @matzew) +- The EventType CRD can now point to other resources, like channels or sinks (#7023, @matzew) +- imc-dispatcher supports an https endpoint for receiving events. The channel is deduced from the path. (#6954, @gab-satchi) + +## Client + +[Release Notes](https://github.com/knative/client/releases/tag/knative-v1.11.0) + +### 💫 New Features & Changes + +- Add default SecurityContext to every new ksvc (#1821, @dsimansk) +- Add support for Eventing/v1beta2 EventTypes with `--reference` option flag (#1831, @dsimansk) + - This a breaking change of backward compatibility with Eventing release that doesn't suppoert `EventTypes` API @ `v1beta2` +- Change default SecurityContext value to `none` (#1832, @dsimansk) + +### Bug or Regression + + - Fix plugin inlining that uses client-pkg dependency (#1816, @dsimansk) + +## Functions + +[Release Notes](https://github.com/knative/func/releases/tag/knative-v1.11.0) + +### Chore + +- Bumps faas-js-runtime to version 2.2.2 + - bumps cloudevents to version 7.0.1 (#1873, @lance) + +### Enhancement + +- Add Rust templates linting into CI workflow (#1814, @andrejusc) +- Add `func environment` to print the current function execution environment as JSON. (#1761, @lance) +- Add `func --domain`to choose routes (#1690, @lkingland) +- Feat: pipeline as code integration for gitlab (#1769, @matejvasek) +- Fixes a bug where local jobs were sometimes not canceling immediately + - Startup timeout for local run tasks now configurable (#1750, @lkingland) + +### API Change + +- Allow specifying `persistentVolumeClaim` and `emptyDir` as volumes in functions. (#1666, @zalsader) + +### Other (Cleanup or Flake) + +- Updated Rust cloudevents example. (#1799, @saschagrunert) +- Updated Rust http example. (#1798, @saschagrunert) + +### Uncategorized +- Added support for serviceAccountName in func.yaml's deploy section to set the function service account. (#1811, @saschagrunert) +- Adds -R shorthand for --remote flag in func deploy (#1797, @nitishchauhan0022) +- Adds default builders for s2i and buildpacks to func environment (#1796, @nitishchauhan0022) +- Improve error msg when PAC is not installed (#1742, @zroubalik) +- On-cluster build: The pack build task result IMAGE_DIGEST is passed to the deploy task. +- On-cluster build: The deploy task explicitly sets the --image flag. (#1756, @matejvasek) +- Use jobs instead of plain pods for auxiliary tasks (#1857, @matejvasek) +- When building from an unreleased commit, such as the current Function main branch (which is 37 commits ahead of what was released as v0.37.0 in Knative 1.10: (#1817, @lkingland) + +## Operator + +[Release Notes](https://github.com/knative/operator/releases/tag/knative-v1.11.1) + +## Thank you, contributors + +#### Release Leads: + +- [@pierDipi](https://github.com/pierDipi) +- [@creydr](https://github.com/creydr) +- [@dsimansk](https://github.com/dsimansk) +- [@skonto](https://github.com/skonto) +- [@vishal-chdhry](https://github.com/Vishal-Chdhry) + +## Learn more + +Knative is an open source project that anyone in the [community](https://knative.dev/docs/community/) can use, improve, and enjoy. We'd love you to join us! + +- [Knative docs](https://knative.dev/docs) +- [Quickstart tutorial](https://knative.dev/docs/getting-started) +- [Samples](https://knative.dev/docs/samples) +- [Knative Working Groups](https://github.com/knative/community/blob/main/working-groups/WORKING-GROUPS.md) +- [Knative User Mailing List](https://groups.google.com/forum/#!forum/knative-users) +- [Knative Development Mailing List](https://groups.google.com/forum/#!forum/knative-dev) +- Knative on Twitter [@KnativeProject](https://twitter.com/KnativeProject) +- Knative on [StackOverflow](https://stackoverflow.com/questions/tagged/knative) +- [`#knative` on CNCF Slack](https://slack.cncf.io) +- Knative on [YouTube](https://www.youtube.com/channel/UCq7cipu-A1UHOkZ9fls1N8A) diff --git a/docs/client/configure-kn.md b/docs/client/configure-kn.md index 9be9962a98..e2e5f0daca 100644 --- a/docs/client/configure-kn.md +++ b/docs/client/configure-kn.md @@ -9,15 +9,36 @@ You can customize your `kn` CLI setup by creating a `config.yaml` configuration ## Example configuration file ```yaml +# Plugins related configuration plugins: + # Whether to lookup configuration in the execution path (default: true). This option is deprecated and will be removed in a future version where path lookup will be enabled unconditionally path-lookup: true + # Directory from where plugins with the prefix "kn-" are looked up. (default: "$base_dir/plugins" + # where "$base_dir" is the directory where this configuration file is stored) directory: ~/.config/kn/plugins +# Eventing related configuration eventing: + # List of sink mappings that allow custom prefixes wherever a sink + # specification is used (like for the --sink option of a broker) sink-mappings: + # Prefix as used in the command (e.g. "--sink svc:myservice") - prefix: svc + # Api group of the mapped resource group: core + # Api version of the mapped resource version: v1 + # Resource name (lowercased plural form of the 'kind') resource: services + # Channel mappings that you can use in --channel options + channel-type-mappings: + # Alias that can be used as a type for a channel option (e.g. "kn create channel mychannel --type Kafka") + - alias: Kafka + # Api group of the mapped resource + group: messaging.knative.dev + # Api version of the mapped resource + version: v1beta1 + # Kind of the resource + kind: KafkaChannel ``` Where @@ -30,3 +51,8 @@ Where - `group`: The API group of the Kubernetes resource. - `version`: The version of the Kubernetes resource. - `resource`: The lowercased, plural name of the Kubernetes resource type. For example, `services` or `brokers`. +- `channel-type-mappings` can be used to define aliases for custom channel types that can be used wherever a channel type is required (as in `kn channel create --type`). This configuration section defines an array of entries with the following fields: + - `alias`: The name that can be used as the type + - `group`: The APIGroup of the channel CRD. + - `version`: The version of the channel CRD. + - `kind`: Kind of the channel CRD (e.g. `KafkaChannel`) \ No newline at end of file diff --git a/docs/eventing/experimental-features/eventtype-auto-creation.md b/docs/eventing/experimental-features/eventtype-auto-creation.md index 1dc3e302de..949633a817 100644 --- a/docs/eventing/experimental-features/eventtype-auto-creation.md +++ b/docs/eventing/experimental-features/eventtype-auto-creation.md @@ -11,7 +11,7 @@ ## Overview -With the `eventtype-auto-creation` feature, we have possibliy to _auto create_ EventTypes that are received and ingressed by the Knative Broker implementations. +With the `eventtype-auto-creation` feature, we have possibliy to _auto create_ EventTypes that are received and ingressed by the Knative Broker and Channel implementations. For making use of this _opt-in_ feature, we must turn it on in the `config-features`, by setting the `eventtype-auto-creation` flag to `enabled`: @@ -26,10 +26,12 @@ data: ... ``` -With this experiemental feature enabled, we get `EventType`s on the broker ingress for free. Instead of manually creating them as yaml manifests along the application code that talks to the `Broker` API. +With this experiemental feature enabled, we get `EventType`s on the broker/channel ingress for free, instead of manually creating them as yaml manifests along the application code that talks to the `Broker` or `Channel` API. ## Example +### Create a Broker + To check the feature is working, create a simple broker: @@ -59,7 +61,7 @@ To check the feature is working, create a simple broker: Where `` is the name of the file you created in the previous step. -## Produce Events to the Broker +### Produce Events to the Broker The auto-creation feature is triggered by processed events. Therefore to verify the functionality we need to send a sample event with desired type. This can be achieved in a severals ways, below are two examples using `kn-plugin-event` and `cURL` container in a cluster. @@ -98,7 +100,7 @@ container in a cluster. ``` This is more complex, as we have to _craft_ the event as part of the `curl` HTTP POST request. -## Event Discovery +### Event Discovery After the two produced events, we should be able to have discoverable events in the system, based on the `eventtype-auto-creation` feature: diff --git a/docs/install/operator/knative-with-operators.md b/docs/install/operator/knative-with-operators.md index cad791b8de..a4920e0cb7 100644 --- a/docs/install/operator/knative-with-operators.md +++ b/docs/install/operator/knative-with-operators.md @@ -5,9 +5,9 @@ You can install the Serving component, Eventing component, or both on your clust The following table describes the supported versions of Serving and Eventing for the Knative Operator: -| Operator | Serving | Eventing | -|----------|-----------------------------------------------------------------------------------------------------------------------------------------------------------|-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------| -| v1.10 | v1.10.0
v1.9.0, v1.9.1, v1.9.2 and v1.9.3
v1.8.0, v1.8.1, v1.8.2, v1.8.3, v1.8.4, v1.8.5 and v1.8.6
v1.7.0, v1.7.1, v1.7.2, v1.7.3 and v1.7.4 | v1.10.0
v1.9.0, v1.9.1, v1.9.2, v1.9.3, v1.9.4, v1.9.5, v1.9.6 and v1.9.7
v1.8.0, v1.8.1, v1.8.2, v1.8.3, v1.8.4, v1.8.5, v1.8.6, v1.8.7 and v1.8.8
v1.7.0, v1.7.1, v1.7.2, v1.7.3, v1.7.4, v1.7.5, v1.7.6, v1.7.7 and v1.7.8 | +| Operator | Serving | Eventing | +|----------|------------------------------------------------------------------------------------------------------------------------------------------------------|----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------| +| v1.11 | v1.11.0
v1.10.0, v1.10.1 and v1.10.2
v1.9.0, v1.9.1, v1.9.2, v1.9.3 and v1.9.4
v1.8.0, v1.8.1, v1.8.2, v1.8.3, v1.8.4, v1.8.5 and v1.8.6 | v1.11.0
v1.10.0, v1.10.1 and v1.10.2
v1.9.0, v1.9.1, v1.9.2, v1.9.3, v1.9.4, v1.9.5, v1.9.6 and v1.9.7
v1.8.0, v1.8.1, v1.8.2, v1.8.3, v1.8.4, v1.8.5, v1.8.6, v1.8.7 and v1.8.8 | --8<-- "prerequisites.md" --8<-- "security-prereqs-images.md" diff --git a/docs/reference/security/README.md b/docs/reference/security/README.md index e951093e39..478b4bf774 100644 --- a/docs/reference/security/README.md +++ b/docs/reference/security/README.md @@ -14,15 +14,17 @@ Our releases from 1.9 are signed with [cosign](https://docs.sigstore.dev/cosign/ 1. Download the files you want, and the `checksums.txt`, `checksum.txt.pem` and `checksums.txt.sig` files from the releases page: ```sh - # this example verifies the 1.9.0 kn cli from the knative/client repository - wget https://github.com/knative/client/releases/download/knative-v1.9.0/checksums.txt - wget https://github.com/knative/client/releases/download/knative-v1.9.0/kn-darwin-amd64 - wget https://github.com/knative/client/releases/download/knative-v1.9.0/checksums.txt.sig - wget https://github.com/knative/client/releases/download/knative-v1.9.0/checksums.txt.pem + # this example verifies the 1.10.0 kn cli from the knative/client repository + wget https://github.com/knative/client/releases/download/knative-v1.10.0/checksums.txt + wget https://github.com/knative/client/releases/download/knative-v1.10.0/kn-darwin-amd64 + wget https://github.com/knative/client/releases/download/knative-v1.10.0/checksums.txt.sig + wget https://github.com/knative/client/releases/download/knative-v1.10.0/checksums.txt.pem ``` 1. Verify the signature: ```sh - COSIGN_EXPERIMENTAL=1 cosign verify-blob \ + cosign verify-blob \ + --certificate-identity=signer@knative-releases.iam.gserviceaccount.com \ + --certificate-oidc-issuer=https://accounts.google.com \ --cert checksums.txt.pem \ --signature checksums.txt.sig \ checksums.txt @@ -33,10 +35,9 @@ Our releases from 1.9 are signed with [cosign](https://docs.sigstore.dev/cosign/ ``` !!! note - `COSIGN_EXPERIMENTAL=1` is used to allow verification of images signed - in `KEYLESS` mode. To learn more about keyless signing, please refer to + Knative images are signed in `KEYLESS` mode. To learn more about keyless signing, please refer to [Keyless Signatures](https://github.com/sigstore/cosign/blob/main/KEYLESS.md#keyless-signatures) - Our signing identity(Subject) for our releases is `signer@knative-nightly.iam.gserviceaccount.com` and the Issuer is `https://accounts.google.com` + Our signing identity(Subject) for our releases is `signer@knative-releases.iam.gserviceaccount.com` and the Issuer is `https://accounts.google.com` ### Apple macOS diff --git a/docs/serving/autoscaling/autoscaling-metrics.md b/docs/serving/autoscaling/autoscaling-metrics.md index f6606cab1e..20224692c9 100644 --- a/docs/serving/autoscaling/autoscaling-metrics.md +++ b/docs/serving/autoscaling/autoscaling-metrics.md @@ -32,7 +32,10 @@ For more information about KPA and HPA, see the documentation on [Supported Auto metadata: annotations: autoscaling.knative.dev/metric: "concurrency" + autoscaling.knative.dev/target-utilization-percentage: "70" ``` + !!! note + The `autoscaling.knative.dev/target-utilization-percentage` annotation for "Concurrency" specifies a percentage value === "Requests per second" @@ -47,7 +50,10 @@ For more information about KPA and HPA, see the documentation on [Supported Auto metadata: annotations: autoscaling.knative.dev/metric: "rps" + autoscaling.knative.dev/target: "150" ``` + !!! note + The `autoscaling.knative.dev/target` annotation for "Requests per second" specifies an integer value === "CPU" @@ -63,7 +69,10 @@ For more information about KPA and HPA, see the documentation on [Supported Auto annotations: autoscaling.knative.dev/class: "hpa.autoscaling.knative.dev" autoscaling.knative.dev/metric: "cpu" + autoscaling.knative.dev/target: "100" ``` + !!! note + The `autoscaling.knative.dev/target` annotation for "CPU" specifies the integer value in millicore === "Memory" @@ -79,7 +88,10 @@ For more information about KPA and HPA, see the documentation on [Supported Auto annotations: autoscaling.knative.dev/class: "hpa.autoscaling.knative.dev" autoscaling.knative.dev/metric: "memory" + autoscaling.knative.dev/target: "75" ``` + !!! note + The `autoscaling.knative.dev/target` annotation for "Memory" specifies the integer value in Mi === "Custom metric" @@ -98,6 +110,7 @@ For more information about KPA and HPA, see the documentation on [Supported Auto annotations: autoscaling.knative.dev/class: "hpa.autoscaling.knative.dev" autoscaling.knative.dev/metric: "" + autoscaling.knative.dev/target: "" ``` Where `` is your custom metric. diff --git a/go.mod b/go.mod index 365ef067b3..319b2f4baa 100644 --- a/go.mod +++ b/go.mod @@ -14,7 +14,7 @@ require ( google.golang.org/grpc v1.36.0 gopkg.in/go-playground/webhooks.v3 v3.13.0 gopkg.in/yaml.v2 v2.3.0 - knative.dev/hack v0.0.0-20230707105034-cc92cdb68f01 + knative.dev/hack v0.0.0-20230712131415-ddae80293c43 ) require ( diff --git a/go.sum b/go.sum index 31531d71cd..acd9484dcd 100644 --- a/go.sum +++ b/go.sum @@ -539,8 +539,8 @@ honnef.co/go/tools v0.0.1-2020.1.3/go.mod h1:X/FiERA/W4tHapMX5mGpAtMSVEeEUOyHaw9 honnef.co/go/tools v0.0.1-2020.1.4/go.mod h1:X/FiERA/W4tHapMX5mGpAtMSVEeEUOyHaw9vFzvIQ3k= honnef.co/go/tools v0.0.1-2020.1.5 h1:nI5egYTGJakVyOryqLs1cQO5dO0ksin5XXs2pspk75k= honnef.co/go/tools v0.0.1-2020.1.5/go.mod h1:X/FiERA/W4tHapMX5mGpAtMSVEeEUOyHaw9vFzvIQ3k= -knative.dev/hack v0.0.0-20230707105034-cc92cdb68f01 h1:ShbmvGzvZ8yTDL+9ANDj2RJmxP9e9VG5ssP719GjgLg= -knative.dev/hack v0.0.0-20230707105034-cc92cdb68f01/go.mod h1:yk2OjGDsbEnQjfxdm0/HJKS2WqTLEFg/N6nUs6Rqx3Q= +knative.dev/hack v0.0.0-20230712131415-ddae80293c43 h1:3SE06uNfSFGm/5XS+0trbyCUpgsOaBeyhPQU8FPNFz8= +knative.dev/hack v0.0.0-20230712131415-ddae80293c43/go.mod h1:yk2OjGDsbEnQjfxdm0/HJKS2WqTLEFg/N6nUs6Rqx3Q= rsc.io/binaryregexp v0.2.0/go.mod h1:qTv7/COck+e2FymRvadv62gMdZztPaShugOCi3I+8D8= rsc.io/quote/v3 v3.1.0/go.mod h1:yEA65RcK8LyAZtP9Kv3t0HmxON59tX3rD+tICJqUlj0= rsc.io/sampler v1.3.0/go.mod h1:T1hPZKmBbMNahiBKFy5HrXp6adAjACjK9JXDnKaTXpA= diff --git a/hack/build.sh b/hack/build.sh index d030a8b18f..19427ad255 100755 --- a/hack/build.sh +++ b/hack/build.sh @@ -27,7 +27,7 @@ set -x # 1) Make a release-NN branch as normal. # 2) Update VERSIONS below (on main) to include the new version, and remove the oldest # Order matters :-), Most recent first. -VERSIONS=("1.10" "1.9" "1.8") # Docs version, results in the url e.g. knative.dev/docs-1.9/.. +VERSIONS=("1.11" "1.10" "1.9") # Docs version, results in the url e.g. knative.dev/docs-1.9/.. # 4) PR the result to main. # 5) Party. diff --git a/vendor/modules.txt b/vendor/modules.txt index 37c25712ef..4f1fb1dea6 100644 --- a/vendor/modules.txt +++ b/vendor/modules.txt @@ -300,7 +300,7 @@ gopkg.in/go-playground/webhooks.v3/github gopkg.in/yaml.v2 # honnef.co/go/tools v0.0.1-2020.1.5 ## explicit; go 1.11 -# knative.dev/hack v0.0.0-20230707105034-cc92cdb68f01 +# knative.dev/hack v0.0.0-20230712131415-ddae80293c43 ## explicit; go 1.18 knative.dev/hack # go.opencensus.io => go.opencensus.io v0.20.2