Release Notes
1.8.3
15 Jun, 2023
Bugfixes
- When using dual ingress controller (default), requests body size was limited to 1MiB. This has been fixed and increased to 60MiB.
1.8.2
30 May, 2023
Bugfixes
- Upgraded the Okteto CLI version to 2.15.4.
- Build optimization now also considers the environment variables used in build args when determining when to rebuild an image.
1.8.1
24 May, 2023
Bugfixes
- Fixed an issue affecting deletion of dev and preview environments when using custom Okteto manifests. The destroy operation did not evaluate the custom manifest used during deployment, which meant the destroy commands were not executed.
- Upgraded the Okteto CLI version to 2.15.3.
- Build optimization now considers environment variables used in build args to determine when to rebuild an image.
- Fixed a regression which was preventing the deploy dialog from loading the list of GitHub repositories for new users when the authentication provider was GitHub.
1.8.0
10 May, 2023
Before you upgrade
Okteto 1.8 includes a change in the ingress architecture. If you're using your own ingress controller instead of the ingress-controller embedded with Okteto chart, please checkout the updated section about "How to use your own ingress controller".
Breaking changes
- The default value for the buildkit service session affinity is now
None
. To keep usingClientIP
assessionAffinity
you need to setservice.sessionAffinity: ClientIP
in your buildkit configuration.
Deprecation Notice
- Support for Kubernetes 1.22 has been deprecated and will be removed in the next release.
Features
- Kubernetes supported versions: 1.25 (upgrade guide), 1.24 and 1.23.
- Support for custom labels and annotations in ingresses managed by Okteto.
- Upgraded the Okteto CLI version to 2.15.2
- Okteto CLI 2.15.2 enables the optimisation removed at Okteto CLI 2.14.3. Now we calculate a hash for a given commit with the info around the build.
- Oketo Self-Hosted will now show the installation setup guide by default
- External resources can now be destroyed from the Okteto UI
- External resources now supports additional icons
- Ingresses are now served through two ingress-controllers instances, enabling flexible configuration and improving connection stability.
ingress-nginx
will continue to be the main gateway for all inbound traffic to Okteto, but will stop processing individual users' ingresses. Instead it will forward users' ingresses to the newokteto-nginx
.okteto-nginx
sits behindingress-nginx
and it process exclusively users' ingresses.- For additional configuration of both instances, please check the ingress-controller configuration section.
- Okteto Ingress defaultBackend is now deployed separately of
ingress-nginx
orokteto-nginx
.
Improvements
- All external services created or updated by Okteto will now have the
dev.okteto.com/namespace
label - Improved the performance of the query for retrieving endpoints for a preview environment using the
dev.okteto.com/namespace
label - Support baggage header for istio divert driver
- Remove the
email
field from the helm values file. It is is now provided by the license - Divert virtual service transformation is now done at the mutation webhook by adding the annotation to the virtualservices
- The frontend app now uses proper browser history routing instead of hash routing
- Catalog items are now sorted, by default, in the same way in both the admin dashboard and a developer's deploy/redeploy modal
- Using personal repositories from Bitbucket is now possible as we've addressed an issue with restricted characters in repository names
- Persistent spaces can no longer be put to sleep from the admin dashboard
- Improve text readability on deploy resources list
Bugfixes
- Custom endpoints annotation
dev.okteto.com/endpoints
is now mapped with the correct service of an ingress - Fix preview delete confirm modal stating "Delete namespace"
- Tabs in the admin panel are now appropriately responsive for smaller screens and resolutions. The last tabs will now wrap properly
- External Resources markdown inline code is now rendered correctly as inline instead of a fenced code block
- Translation browser extensions causing blank screens due to modifying DOM
- Show endpoints coming from virtual services in the Preview List view
- Move cache headers from
meta
to nginx soCache-Control
headers are applied correctly - Show "managed by" message only when adding a repository to previews and not when launching a developement environment
- Force non-breaking spaces for leading whitespace on logs
- Fix panic produced when deploying a repository with trailing slash
- Add disable state to external resources when being destroyed
1.7.1
21 April, 2023
Bugfixes
- Upgraded the Okteto CLI version to 2.14.3.
- Okteto CLI 2.14.0 introduced an optimization to build only once the image for a given commit. Okteto CLI 2.14.3 disables this optimization while we fix some inconsistencies around its behavior
1.7.0
12 April, 2023
Removal Notice
- Kubernetes 1.21 is no longer supported.
Deprecation Notice
The cloud.provider
and cloud.secret
keys in the Helm chart are now deprecated and they will be removed in the future 2.x release. Instead, you can now use registry.storage.provider
and registry.secret
to configure the registry to use external storage. This change is backward compatible: the old configuration keys will continue to work until they are removed in 2.x. You can follow our upgrade guide.
Features
- Kubernetes supported versions: 1.24, 1.23 and 1.22.
- Support for the annotation dev.okteto.com/endpoints to customize the endpoints shown in the Okteto UI.
- Support for configuring the service account of buildkit.
- Support for token-based authentication to simplify the installation of Okteto Self-Hosted.
- Personal Access Tokens will automatically expire after 180 days. For existing tokens, the expiration date will be set to 180 days from when your Okteto instance is upgraded to 1.7 or newer versions
- Upgraded the Okteto CLI version to 2.14.2
- Upgraded ingress-nginx to 4.3.0
- You can now delete external resources from the UI
- The default installation of Okteto doesn't require an external storage for the registry. It now uses filesystem storage by default
- The default installation of Okteto doesn't require a PVC for BuildKit. It now uses filesystem storage by default
Improvements
- When
buildkit.ingress.enabled
is true, BuildKit is exposed in thebuildkit.service.port
instead of port 1234. This makes it easier to use your with other ingress controllers - We optimized the redeploy dialog experience. Infomation loads faster in the dialog, specially when the source is GitHub
- Improved confirmation dialogs messages
- When your Okteto instance doesn't have an auth provider configured, the login screen shows a message with a link to the documentation on how to configure it
- Pod Security Policies are not installed if they are not available in the cluster
Bugfixes
- When redeploying a dev environment from the UI, there was a race condition that was preventing to use the right environment configuration (manifest, variables, branch, etc...)
- Sleeping resources now renders
No output.
logs instead ofLoading output...
- Install and destroy jobs are retried when they fail due to transient errors during their execution
- Avoid panics in private endpoints when the user is not authenticated
Sleep
option is not available in the list of namespace actions when the namespace is persistent- Fixed a problem when destroying dev environments from the UI when the manifest has defined an
image
property within thedestroy
section that was preventing the dev environment to be destroyed - Fixed a problem when destroying dev environments with a variable declared in a multiline
destroy
command - External resources were not being grouped under the corresponding dev environment when there was an error in the deployment of the environment
1.6.0
15 March, 2023
Breaking changes
This version comes with a breaking change. The default ingress class for ingresses managed by Okteto changed from nginx
to okteto-nginx
to prevent collisions with other controllers that might be already installed in the cluster. There is no action required from the user, all ingresses managed by Okteto will be automatically updated as part of the upgrade.
If you want to continue to use the previous ingress class (nginx
), you can do it by setting the following values in your helm values file:
ingress:
class: nginx
oktetoIngressClass: nginx
ingress-nginx:
controller:
ingressClass: nginx
ingressClassResource:
name: nginx
controllerValue: "k8s.io/ingress-nginx"
In some cases, there is a race condition recreating the controller pods in which a controller pod starts before the new ingress class is created in the cluster and that generates 404 errors when accessing Okteto or dev environments. For that reason, we recommend to rollout the ingress controller deployment to avoid this issue (kubectl rollout restart deployment <ingress-controller-deployment-name> -n okteto
).
Deprecation Notice
- Support for Kubernetes 1.21 has been deprecated and will be removed next release.
Features
- Kubernetes supported versions: 1.24, 1.23 and 1.22.
- Update the Okteto CLI version to 2.13.0
- Support custom quotas for node port and load balancer service types
- Public override support for self-signed certificates and bring your own certificate
- The wake operation will now wake up dependent services first, following the same order as when the environment was created.
- Add support for dynamic endpoints for external resources
Improvements
- Several improvements in the UI to keep the status updated accordingly with the status in user's dev environments
- Allow users to access to namespaces that are being terminated to see the operation logs
- Added input autofocus in several dialogs
- The "Create Namespace" button is now enabled immediately after you start writing the name of the namespace in the "New Namespace" dialog.
- You can now filter the available branches in the GitHub deploy dialog
- Simplified the admin dashboard by removing duplicated titles in every section.
- Do not autodestroy GC job when it ends. Last 3 executions of the job will be kept, so job logs can be accessed
- Private endpoints cookie is now set in the backend and specified as "httpOnly"
- Upgrade Reloader dependency to 1.0.5
Bugfixes
- Skip volume snapshots deletion as part of destroy all operation if "include volumes" check is not selected
- Fix "Destroy all", "Delete namespace" and "Wake namespace" operations when using private CAs or self-signed certificates
- Display the correct operation name in logs when deleting a namespace or destroying all resources within a namespace
- Avoid duplicated log lines when the browser visibility changes
- Self-signed certificate is recreated when subdomain or publicOverride changes after an upgrade
- Fixed view transition when a destroy namespace operation is retried
- Fixed missing custom icons on external resources
- Fixed autofocus on confirm dialogs
- GC deletes pods stuck in
Failed
phase withNodeAffinity
reason
1.5.1
6 March, 2023
Bugfixes
- Fixed an issue that prevented users from authenticating against the registry when using a separate certificate for the registry (
.Values.registry.ingress.tlsSecret
).
1.5.0
14 February, 2023
Features
- Kubernetes supported versions: 1.23, 1.22 and 1.21.
- You can now define an icon for every endpoint in your external resources list
- Add support for registry cloud provider storage using:
Improvements
- Make env var values editable on deploy/redeploy
- Filter repositories results by search term
- Delete button is now disabled in the personal namespace
- Reduced load time when opening Github redeploy dialog
- Added antiAffinity configuration for PODs with label
dev.okteto.com/affinity
- Added granular definition support for networkPolicies created by Okteto.
Bugfixes
- When injecting host alises to go through internal network to buildkit, registry and api, don't duplicate entries for same IP. Instead, pass the list of hostnames for the IP
- Remove non-existent External Resources status that caused Deployments to show as "Deployed" with a red error badge
- "Get Started" button is not active while running a "destroy all" job
- Fix namespace wake up when endpoint requests is sent to paths other than root.
- Keep ingress class on wake if ingress class is different than "sleeping"
- Ignore read only Kubernetes API Extension Servers (e.g. metrics.k8s.io) if unavailable on destroy all job runs.
- When using Divert, some scenarios may cause its ingress configuration to be dropped
- Don't show a pointer cursor type in log lines
- Autopreviews are now being deleted when PR is merged or closed
- Correctly alignment of non private/divert endpoints and repository at resource details section.
- Removed unused configuration values related to cert-manager in the Helm chart
- Fixed issue in the OpenID configuration that prevented using ADFS as the identity provider
- Get claims from access token when
ADFS
resource is given - Added support for volume snapshots in EKS 1.23
1.4.3
6 March, 2023
Bugfixes
- Fixed an issue that prevented users from authenticating against the registry when using a separate certificate for the registry (
.Values.registry.ingress.tlsSecret
).
1.4.2
February 7, 2023
Bugfixes
- Fixed issue on instances with self-signed certificates or private CA that prevented the destroy all and destroy namespace actions to work properly.
1.4.1
February 1, 2023
Bugfixes
- Fixed issue that caused the autoscaler to crash when parsing ingresses without the
ingressClassName
attribute.
1.4.0
January 19, 2023
Features
- Kubernetes supported versions: 1.23, 1.22 and 1.21.
- You can now define external resources in your Okteto manifest. Use this to include resources that exist outside of your Okteto namespace like databases, message brokers, serverless functions, dashboards, etc.
- You can now show virtual services endpoints in the Okteto UI
- Update okteto cli version to 2.11.1
Improvements
- The commands defined in the
destroy
section of the Okteto manifest will now be executed when destroying a namespace or preview environment - You can now retry and force namespace deletion in the UI
- When deleting a namespace/preview, its name will appear in the delete pop-up notification
- Sleeping a namespace using the UI now displays a confirmation dialog
- The catalog section of the Deploy dialog now includes a search bar
- The user-provided NGINX configuration snippet (the
nginx.ingress.kubernetes.io/configuration-snippet
annotation) will now get merged with Okteto's configuration snippet - By default, pod requests are no longer modified by Okteto
- Updated the
crd
configuration in the Helm chart to follow recommended practices for CRD management - You can now define custom affinities for dev containers and installer jobs in helm config
- You can now define custom resources (requests and limits) for installer jobs
- You can now define tolerations and node selector for the telemetry cronjob
- You can now override the images of the daemon and autoscaler using the Helm configuration file
Bugfixes
- The branch selector in the Deploy dialog doesn't flicker when the branch is not found
- Fixed issue that prevented private repositories of individual GitHub accounts to be correctly displayed in the Deploy dialog
- Fixed compatibility issues with Azure Active Directory
- Fixed blank screen that sometimes appeared when clicking the "Stop development" button
- Fixed race condition when trying to deploy a development environment that was removed from the catalog
- Ingresses that are not managed for Okteto won't be deleted when a namespace is put to sleep
- Fixed how host aliases are injected in the installer pods as the connection to Okteto's API and registry was not using the internal IPs in some scenarios
1.3.0
December 23, 2022
Features
- Kubernetes supported versions: 1.23, 1.22 and 1.21.
- Catalog to provide predefined development environments to every developer
- Remove CLI tab from Okteto UI deploy
Bugfixes
- Verification of GitHub usernames is now case insensitive to match GitHub rules
- Fix the race condition that enabled users to modify
repo
field on the GitHub redeploy dialog - You can now define "resources" for the okteto daemonset component. Use this to ensure that Kubernetes will reserve resources for the
daemonset
- Fix the race condition that prevented namespace-level resources from being displayed in the UI
- Fix wrong "Last updated" time for development environments in the Okteto UI
1.2.0
November 25, 2022
Features
- Kubernetes supported versions: 1.23, 1.22 and 1.21.
- Update okteto cli version to 2.9.0
- Support for self-signed certificates and private CA with Docker
- Buildkit port is now configurable
- Save costs by allowing to scale down to zero nodes if no user pods are running
- Added configuration to set PSP and AppArmor
Improvements
- UI pagination support for GitHub branches list
- Populate oauth errors to the user
Bugfixes
- Don't show warning when installing okteto on k8s 1.23.x
- Frontend nginx CVE-2022-40303/CVE-2022-40304
- Fix loader icon regression
- Display license related information properly
- Update text in error when using token-based auth
- Persist selfsigned wildcard certificate
- Allow pods to have their own image pull secret
- Added
registry's hostname
toinstaller pods
(/etc/hosts
) pointing to the internal IP, to ensure an internal connection to the component. - Fix user deletion when there is no owner among the namespace members
- Virtual services are now correctly displayed in the Okteto UI
1.1.0
November 2, 2022
Features
Improvements
- Allow disabling the autoscaler.
- Support custom labels and annotations in okteto serviceaccounts.
- Allow not checking that the domains of the user's app match the okteto subdomain.
- Support for extra role bindings for every developer account on each namespace.
- Support for keeping pod resources by using
dev.okteto.com/pod-resources: keep
annotation. - Support for custom ingress class for ingresses created by okteto installation.
Bugfixes
- Check if using volume snapshots to delete a PVC.
- Fix ingress-nginx default wildcard cert.
- Fix internal server error when buildkit is disabled.
- Remove ingress rules for buildkit and localhost.
- Disable validation for custom clusterRole configuration
1.0.0
September 22, 2022
The 1.0.0 comes with two breaking changes, follow our upgrade guide to 1.x to reduce the disruption of the service to a minimum.
Removal Notice
- Kubernetes 1.19 is no longer supported.
Deprecation Notice
- Support for Kubernetes 1.20 has been deprecated and will be removed next release.
Features
- Kubernetes supported versions: 1.23, 1.22 and 1.21.
- Okteto UI now allows users to specify the manifest path when launching a dev environment.
Improvements
- Chart has been renamed from "Okteto Enterprise" to "Okteto".
- The cert-manager chart is no longer bundled with Okteto and is no longer installed by default. Okteto now uses a self-signed certificate by default.
- Upgrade ingress-nginx to 4.2.1.
- Exposed gRPC connection configuration for the BuildKit gRPC server.
Bugfixes
- Fixed an issue where PVCs were not being deleted when volumeSnapshots were enabled.
0.15.0
August 18, 2022
Deprecation Notice
- Deprecate support for Kubernetes 1.19. Support for 1.19 will be dropped in the next release.
Improvements
- Add support for Kubernetes 1.22
- Upgrade Okteto CLI to 2.5.2
- Upgrade Buildkit to 0.10.3
- Upgrade ingress-nginx to 4.1.3
- Upgrade Reloader dependency to 0.0.118
- Enable user pod preferred affinity by default- Eliminated buildkit upgrade failures related to immutable statefulset fields.
- Support the kubernetes endpoints needed by litmus-2.10.2
- Improve the rollout of public services using rolling updates
Bugfixes
- Delete VolumeSnapshotsContent when VolumeSnapshot is deleted
- Account for non-existing users in GC job when deleting namespaces
0.14.1
August 3, 2022
Bugfixes
- Private CAs are now correctly propagated to the worker nodes.
0.14.0
July 14, 2022
Features
- Add structured and staged logs for pipelines. Groups logs by stage in the okteto UI.
- Support adding custom environment variables for main Okteto components
- Support adding custom annotations, labels, and environment variables to the pipeline installer jobs
- Display the CLI version used by the pipeline installer jobs in the Okteto UI admin panel
- You can now download the Okteto cluster context from the UI
Improvements
- Upgraded Okteto CLI to 2.4.2
- Removed deprecated Google Sign-in JavaScript Platform Library in favor of standard OAuth. More info here. No action is required.
- Disable the helm catalog on self-hosted installations by default. This makes installing CRDs not mandatory during cluster creation.
- Improve K8S rolling update process for Okteto API deployment
Bugfixes
- The webhook will not redeploy snapshots as part of an update operation.
- Pipelines are now able to push and pull charts to the internal repository
- The deploy button is now disabled in the UI while requests are in-flight. This was causing double deploys in some scenarios.
- Fixed memory leak caused by not freeing up some resources after closing the connection when streaming the logs.
- Pipelines now show the correct initial date in the logs
0.13.0
Jun 16, 2022
Features
- Add Access Control to Volume Snapshots
- Add link to the Community website in the help menu.
- Inject
OKTETO_NAMESPACE
andOKTETO_DOMAIN
environment variables in every pod - Remove Namespace limit on licenses
Improvements
- Upgrade Okteto CLI to 2.3.3
- Upgrade Okteto registry to 2.8.1
- Better deduplication in secrets query. Prioritize user secrets over cluster secrets.
- Handle PVC update in the mutating webhook. Fixes Okteto CLI issue #2599
- Upgrade crypto package. Fixes CVE-2022-27191
- Upgrade frontend nginx server to alpine 1.22. Fixes CVE-2022-27405
Bugfixes
- Fix panic in Preview Environment query for repos with invalid format
- Fix component running state calculation for pods with many retries. They previously stayed in the error state.
- Fix UI bug with Pull Request names in Preview environment list for non github URLs.
0.12.0
May 19, 2022
Improvements
- Okteto daemonset no longer mounts host volumes nor runs in privilege mode
- Add support for GKE workload identity
- Use
ingressClassName
field for ingresses instead of the deprecatedkubernetes.io/ingress.class
annotation - Add network quotas for okteto up
- Invalid ingresses not accepted by the nginx ingress controller are now caught by the webhook
- Deploying daemonset is no longer allowed by default
- Ingresses are put to sleep alongside all other namespace resources and automatically wake by with incoming requests
- Improve pipeline jobs lifecycle and properly handle timeouts. Logs for pipelines that time out are no longer lost
- Account for "ready" container condition to check if a component is healthy
- Decouple computing overloaded nodes from the autoscaler
- Allow users to type in custom branch name for Github repository in the deploy modal
- Add delete button to preview list
- Fix inaccesible modal elements on small screens
- Upgrade to Okteto CLI 2.2.2
- Upgrade ingress-nginx helm chart to 4.1.0
Bugfixes
- Fix a panic in the mutation webhook for pods with no labels
- Minor UI fixes for deploy's branch selector
Breaking changes
- Ingresses using the
kubernetes.io/ingress.class
annotation will be automatically updated by the okteto webhook and saved asspec.ingressClassName
with the annotation removed - Okteto Pipelines are executed relative to the path where manifest is located. All relative paths in the manifest will use the context of the subfolder where the manifest is defined
0.11.1
May 6, 2022
Bugfixes
- Provides a buildkit update for addressing authentication issues when building images.
0.11.0
April 7, 2022
Features
- Add support for Okteto Manifest v2
- Allow custom affinities in application pods
- Allow to "Wake" previews from the Okteto UI
- Add support for Buildkit HPA (Horizontal Pod Autoscaler)
Improvements
- Avoid placing okteto components in overloaded nodes if used in a single node pool
- Reduce Buildkit liveness initial delay from 5m to 10s
- Add resource quotas to jobs and cronjobs
- Migrate cronjobs to use batch/v1 GV as per v1.25 deprecation guide. Backwards compatibility still given for kubernetes versions < 1.21.
- Display current Okteto version in Admin view
- Pipeline installer can deploy from "okteto-compose.yml" files
Bugfixes
- Automatically reload mutation webhook when internal certificates expire
- Fix service resource creating with NodePort defined