Dapr
v1.16.16Orchestration & ManagementDapr 1.16.16 fixes two downgrade-specific bugs: Sentry certificate signing failures after a 1.18→1.16 rollback, and Helm StatefulSet storage conflicts when downgrading from 1.17/1.18.
breakingFollow specific Helm flags when downgrading to 1.16.16
Use --reset-values and explicitly pass the original install values. Do NOT use --reuse-values — it carries over 1.17/1.18 chart defaults that are invalid in 1.16, including placement disseminateTimeout=8s (1.16 only accepts 1s–3s), which will cause placement to fail at startup. If you skipped deleting the scheduler StatefulSet before downgrading, you may still need to pass --set dapr_scheduler.cluster.storageSize=<current size> or delete the StatefulSet with --cascade=orphan.
breakingClusters downgraded from 1.18 to 1.16 need this patch to fix Sentry
If you rolled back from Dapr 1.18 to any earlier 1.16.x release, Sentry is likely crashing on startup due to the Ed25519/ECDSA key type mismatch in the trust bundle. Upgrade to 1.16.16 to resolve it — no manual certificate rotation is required after upgrading.
Key changes (4)
- Sentry no longer crashes when the trust bundle was generated by a newer Dapr version using a different key type (Ed25519 vs ECDSA)
- Certificate template no longer copies SignatureAlgorithm from the CSR; Go's x509 library now infers it from the issuer key
- Helm chart backports the storageSize template helper that reads the live StatefulSet value, preventing immutable field conflicts on downgrade
- Fresh installs fall back to .Values.cluster.storageSize (default 1Gi) as before