Version 0.3.0 Released
This release contains some big changes, it's highly recommended to backup before upgrading so you can downgrade in case something doesn't work correctly.
Backend Changes
Changed: Upgrading to Helm 3.8.2
This release upgrades Helm to 3.8 from 3.6.
The main effect is that OCI registries, now a stable feature in Helm, also behave differently than in Helm 3.6.
Previous versions allowed pushing Helm charts to any OCI-compatible repo, so authors could easily create one ECR repo and push both images and charts into it.
For example, you could find a repo named shop with tags like shop-0.5.0 for an image and chart-shop-0.5.0 for the corresponding chart.
Helm 3.8 doesn't support that behavior anymore. Instead, it derives the repo name automatically from Chart.yml. When pushing, a registry is mentioned and it implicitly hosts a repo with the chart name.
This doesn't affect pulling, so previously pushed charts aren't affected, but if you wish to upgrade Helm to 3.8 as well, you'd have to create a separate repo for charts.
Changed: -chart and -charts Suffix to OCI Registries
As a result of the previous change, Platz now strips -chart and -charts suffixes from repo names.
For example, if you had a repo named shop before the upgrade, you can create a new repo named shop-charts to host Helm charts.
Both shop and shop-charts would map to the Shop kind, meaning all existing deployments can be upgraded to the new charts while being served from different repos.
New: env_id and env_name in platz Values
When installing or upgrading, Platz adds two new values to the platz section: env_id and env_name, containing the env ID and name hosting the deployment.
New: Cluster TLS Secret Name Configuration
Before this release all Ingress resources were created with a secret named tls-wildcard.
Clusters now contains a configuration for the TLS secret name that corresponds to their domain name.
New: Auto-Add Users to Envs
When enabled, a new env setting lets new users be added to existing envs automatically.
This is disabled by default.
New: Deployment Access Tokens
Access tokens, usually used to authenticate users in the frontend, can now also be used to authenticate deployments.
This change is at the API authentication code only, no tokens are actually created at this point. This feature would be completed at a later release.
Changed: Env Name Uniqueness
Env names weren't enforced as unique until now.
Although this wasn't a problem as everything uses IDs under the hood, admins could still create several envs with the same name, which is very confusing in the frontend.
Env names are now enforced to be case-insensitive unique.
If an upgrade fails due to this, please rename or delete the rogue envs at the database level.
Fixed: Secrets updated_at Not Updating
The updated_at property of secrets wasn't updated. This is now fixed.
chart-ext Changes
New: Ingress Section
Previous versions of chart-ext supported a standard_ingress feature. This looked like this:
apiVersion: platz.io/v1beta1
kind: Features
spec:
standard_ingress: true
...
When standard_ingress was enabled for a chart, it meant the chart has an ingress section in its values and can create an Ingress resource when configured in the format created by default by helm create charts.
A new apiVersion: platz.io/v1beta2 changes the format a bit. The previous apiVersion: platz.io/v1beta1 will remain fully supported until platz.io/v1 is stabilized.
The new version looks like this:
apiVersion: platz.io/v1beta2
kind: Features
spec:
ingress:
enabled: true
hostname_format: Name
The enabled: true in the ingress section matches the previous standard_ingress: true flag.
hostname_format is a new optional property that specifies how to create the ingress hostname:
KindAndName(the default previous behavior) creates a hostname using the deployment kind and name.Nameuses only the deployment name.
For example, lets assume a deployment has the kind of Shop and is named alexander, then:
KindAndNamewould generateshop-alexanderNamewould generatealexander
This feature is useful in cases where only one deployment uses an ingress, in which case the kind prefix can be removed.
Helm Chart Changes
New: k8s-agent with Multi-Account Support
In this release task-runner was renamed to k8s-agent.
The main reason is that the name was a bit confusing. task-runner was responsible for running tasks, but it was also Platz's agent for communicating with clusters, hence the new name.
But the k8s-agent rename is not the only change, as Platz now supports multiple k8s-agents. This is useful when controlling clusters in multiple accounts. Then, instead of supporting a complicated AssumeRole configuration, you can simply run several k8s-agents, each assuming a different role.
As a result, Platz's chart values now get a k8sAgents array. Each array element will create a separate statefulset with its own service account.
UI Changes
Fixed: Grafana Settings Wording
Grafan settings had some wrong description, this is now fixed.
Thanks to @vmalloc for this contribution!
New: Secrets Screen
A new secrets screen was added to the env settings section.
It allows for creating, editing and deleting secrets, plus adding new secret categories.
New: Terraform Modules
New Terraform modules have been created to ease the deployment of Platz directly from Terraform.
There are 3 modules hosted at https://github.com/platzio/terraform-aws-platzio:
modules/maincontains the main module, which creates ahelm_releasealong with the required values.modules/k8s-agent-rolecreates an IAM role with the required permissions in an account to be controlled by ak8s-agent.modules/chart-discoverycreates the necessary resources to discover Helm charts in ECR repos.
See the repo README for full usage details.