RATATOSKRATATOSK
ログイン

リリース

CNCF graduated・incubatingプロジェクトのリリースノートのAI分析。

2026年6月解除 ×

Flux

CI/CD & App Delivery2026年6月30日

Flux v2.9.0 は機能拡張リリースです。CLI プラグインシステムやセキュリティ機能の充実など複数の新機能を導入する一方、image.toolkit.fluxcd.io/v1beta2 および notification.toolkit.fluxcd.io/v1beta2 の 2 つの API を廃止します。これらの API を使用しているマニフェストがある場合は、アップグレード前に v1 系への移行が必要です。

  • breakingimage.toolkit.fluxcd.io/v1beta2 の廃止

    image.toolkit.fluxcd.io/v1beta2 を使用しているマニフェストまたはカスタムリソースは v2.9.0 では動作しません。v1 系 API へ移行してください。

  • breakingnotification.toolkit.fluxcd.io/v1beta2 の廃止

    notification.toolkit.fluxcd.io/v1beta2 を使用しているマニフェストまたはカスタムリソースは v2.9.0 では動作しません。v1 系 API へ移行してください。

主な変更 (8)
  • 2つの長期非推奨 API (image.toolkit.fluxcd.io/v1beta2、notification.toolkit.fluxcd.io/v1beta2) を削除
  • Flux CLI プラグインシステムを導入 (Mirror、Schema プラグイン)
  • Kustomization で Server-Side Apply の差分制御ルール、Age 暗号を使った SOPS 復号化、Workload Identity による OpenBao/Vault 認証に対応
  • HelmRelease の post-render ストラテジ、Helm 値リテラルモード、Git コミット署名・検証 (SSH キー) に対応
  • GitRepository で AWS CodeCommit 認証 (Workload Identity)、OCIRepository で Sigstore カスタム信頼ルート対応
  • webhook Receivers を秘密なし OIDC 認証へ対応、ArtifactGenerator のパターンマッチ型ディレクトリ発見対応
  • コンポーネント更新: source-controller v1.9.1、kustomize-controller v1.9.1、notification-controller v1.9.1、helm-controller v1.6.1 ほか; CLI は Kubernetes 1.36、Go 1.26 対応
  • 各種 CLI コマンド・フラグ追加 (`flux create secret receiver`、`flux trigger receiver`、`--in-memory-build` など)、resume 終了コード・シンボリックリンク処理・メタデータラベル保持など複数の修正
原文

Buildpacks

CI/CD & App Delivery2026年6月23日

日本語 準備中pack v0.40.7 is a routine patch: a registry-message text fix, an internal dependency cleanup, and an updated builder suggestion. No breaking or security changes for operators.

主な変更 (3)
  • Fixed the yank registry issue body text: added `yank = true` and a code fence for clarity
  • Removed the direct dependency on github.com/docker/docker
  • CLI now suggests `heroku/builder:26` instead of `heroku/builder:24` as the recommended builder
原文

OpenKruise

CI/CD & App Delivery2026年6月21日

日本語 準備中OpenKruise v1.9.0 adds several useful workload features and fixes a pile of stability bugs — including CPU-spike and panic fixes that affect anyone running ImagePullJobs or SidecarSets in production.

  • breakingString-formatted maxUnavailable/maxSurge values now rejected by webhook

    Values like maxUnavailable: '5' (a quoted integer string) are now rejected at admission. If your manifests or Helm charts set these as strings instead of integers, the webhook will block them after upgrade. Audit your CloneSet and related workload specs before upgrading to v1.9.0.

  • enhancementFix ImagePullJob high CPU before upgrading large clusters

    A cascading reconcile amplification bug was causing ImagePullJob controllers to spike CPU. If you've been seeing unexpected controller-manager CPU pressure, this is likely the cause. Upgrading to v1.9.0 should resolve it — no config changes needed.

  • enhancementCloneSet progressDeadlineSeconds and OnDelete strategy now available

    CloneSet now supports progressDeadlineSeconds to surface stalled rollouts, and an OnDelete update strategy for manual upgrade control. Teams doing canary or phased rollouts with CloneSet should evaluate both options — progressDeadlineSeconds in particular fills a gap that previously required external monitoring to detect stuck updates.

主な変更 (5)
  • ImagePullJob: fixes high CPU caused by cascading reconcile amplification, and adds node-side concurrency control — critical for clusters with large image pull workloads
  • SidecarSet: fixes panics on pod deletion and during null pointer access; adds ordered container injection and shareVolumeDevicePolicy support
  • CloneSet: adds progressDeadlineSeconds, OnDelete update strategy, and fixes lifecycle hook bugs when CloneSetEventHandlerOptimization is enabled
  • UnitedDeployment: new ReserveUnschedulablePods feature keeps unschedulable pods reserved instead of replaced
  • PodUnavailableBudget now protects Pod RESIZE actions, useful when using in-place vertical scaling
原文

Argo

CI/CD & App Delivery2026年6月18日

日本語 準備中Argo CD 3.4.4 is a patch release focused on stability fixes for health checks, RBAC, diffs, and template rendering. Update if you run multi-namespace setups or use Dex authentication.

  • breakingRBAC regression fix for multi-namespace setups

    A prior release introduced a regression in RBAC enforcement for project-scoped resources in multi-namespace architectures. This patch restores correct behavior. If you use project-level RBAC restrictions across multiple namespaces, verify that access controls work as expected after upgrading, particularly around project-scoped resource visibility.

  • enhancementHealth check reliability improvement

    The PromotionStrategy health check was incorrectly reporting Progressing after no-op re-hydration, blocking deployments. This is now fixed. If you use PromotionStrategy with ArgoCD, upgrade to avoid stalled health states that require manual intervention to clear.

  • enhancementServer-side diff regression resolved

    A recent change broke server-side diffs on new objects, causing errors. This patch restores diff functionality. If you rely on server-side diffs in your deployment pipeline (especially for new resources), apply this update to restore normal diff behavior.

主な変更 (5)
  • Fixed PromotionStrategy health check regression that left resources stuck in Progressing state
  • Resolved RBAC regression affecting project-scoped resources in multi-namespace deployments
  • Fixed diff error on new objects in server-side diffs
  • Patched Dex password parsing to handle dollar signs correctly
  • Resolved cross-generator Values template resolution in ApplicationSet RenderGeneratorParams
原文

Argo

CI/CD & App Delivery2026年6月18日

日本語 準備中Argo CD v3.3.12 is a maintenance release fixing sync state tracking, cluster observer locking, configuration parsing, and git repository depth handling—no breaking changes.

  • securityDex authentication now handles special characters in passwords

    Dex password parsing previously failed if passwords contained dollar signs, potentially locking users out. If you use Dex for OIDC and recently added or updated passwords with special characters, upgrade to v3.3.12 immediately to restore access. Test Dex login after updating.

  • enhancementFix PromotionStrategy stuck state if using Argo Rollouts

    If you run Argo CD with Argo Rollouts and use PromotionStrategy, applications may have remained stuck in Progressing after configuration reloads even when nothing changed. Update to v3.3.12 to resolve this. Check your application health status post-upgrade to confirm recovery.

主な変更 (5)
  • PromotionStrategy health status no longer stuck in Progressing after no-op re-hydration
  • Cluster informer now protected by lock to prevent concurrent access issues
  • Dex password parsing fixed to handle dollar signs correctly
  • Git repository depth setting now honored in change detection and fetch operations
  • Live status excluded from normalization to improve accuracy
原文

Backstage

CI/CD & App Delivery2026年6月16日

日本語 準備中v1.52.0 has three breaking changes (discovery API default, immediate stitching removed, BUI union types) alongside significant catalog PostgreSQL performance fixes and a batch of UX and reliability improvements.

  • breakingCheck discovery.endpoints and remove immediate stitching config

    Two breaking changes need attention before upgrading. First, if you use `discovery.endpoints` with internal-only string targets, convert them to object form with `target.internal` set to the internal URL and `target.external` set to a browser-reachable URL — otherwise the frontend will try to reach internal addresses directly. Second, remove `catalog.stitchingStrategy.mode: 'immediate'` from your config; it's now a no-op and will log deprecation warnings. Both changes are straightforward config edits.

  • breakingMigrate ComboboxProps and SelectProps extensions before upgrading

    `ComboboxProps` and `SelectProps` are now union types. If your codebase has interfaces that extend either type, they will fail to compile — switch them to type intersections. Also audit CSS selectors that target list content as a direct child of `.bui-SelectPopover`, as that structure changed. These are frontend component-layer changes with no runtime fallback.

  • enhancementCatalog query performance improvements for PostgreSQL — no action needed, just upgrade

    Several PostgreSQL-specific query planner fixes ship in this release: multi-column statistics on the search table, a dropped redundant index, tuned vacuum thresholds, and a split count/list query. If your catalog list views are slow with large entity counts, this upgrade is worth prioritizing. No config changes needed — the improvements apply automatically via migration. Teams on MySQL/SQLite won't see the same gains.

主な変更 (7)
  • Default discovery API in @backstage/plugin-app changed to FrontendHostDiscovery; internal-only string targets in discovery.endpoints must be migrated to object form
  • catalog.stitchingStrategy.mode: 'immediate' removed — configs still using it will be silently ignored with a warning
  • ComboboxProps and SelectProps changed to union types, breaking any interface that extended them directly
  • Catalog backend gets multiple PostgreSQL query planner fixes — extended statistics, dropped legacy index, split count query — targeting 10-40x slower list views
  • @backstage/connections experimental package added as a preview of the future integrations replacement; not for production use
  • Lazy-loading of react-syntax-highlighter and @dagrejs/dagre cuts ~10 MB from the initial module load of @backstage/core-components
  • Newly scaffolded apps now use Yarn 4.13.0 with npmMinimalAgeGate: 3d enabled as a supply-chain defense
原文

OpenFeature

CI/CD & App Delivery2026年6月1日

日本語 準備中flagd core v0.16.0 changes disabled flag evaluation from an error response to a successful resolution with reason=DISABLED, affecting gRPC/OFREP callers and code that inspects evaluation metadata.

  • breakingAudit any code that checks errorCode or reason on flag evaluations

    If your code branches on FLAG_DISABLED error codes or checks the reason field from direct gRPC/OFREP responses, it will no longer receive that error path for disabled flags — it'll get a success with reason=DISABLED instead. Search your codebase for FLAG_DISABLED string matches, error-code switch statements, and reason-field conditionals before upgrading. SDK users who only consume the resolved value are unaffected and can upgrade without changes.

  • enhancementUse reason=DISABLED for observability and audit logging

    The new behavior is actually cleaner for telemetry. Since disabled flags now resolve successfully, you can distinguish 'flag disabled' from 'evaluation error' in your metrics and logs without special-casing error codes. Update your dashboards and alerting rules to treat reason=DISABLED as an expected, non-error signal rather than filtering it out as noise.

主な変更 (4)
  • Disabled flags now return reason=DISABLED with a successful evaluation instead of a FLAG_DISABLED error code
  • Resolved values are unchanged — SDKs still surface the caller-provided default, so end-user behavior is identical
  • Breaking impact is scoped: affects direct gRPC/OFREP callers, code checking errorCode/reason fields, and importers of core/pkg/model
  • An Architecture Decision Record (ADR) documents the rationale for this semantic change
原文

OpenFeature

CI/CD & App Delivery2026年6月1日

日本語 準備中flagd v0.16.0 changes disabled flag evaluation from an error to a successful resolution with reason=DISABLED, affecting direct gRPC/OFREP callers and code that inspects evaluation metadata.

  • breakingAudit error-handling code that checks FLAG_DISABLED or errorCode

    If your application checks the evaluation reason or error code after a flag resolution — whether through direct gRPC calls, OFREP HTTP calls, or Go imports of core/pkg/model — you need to update that logic. FLAG_DISABLED errors will no longer appear; instead expect a successful response with reason=DISABLED. SDK users who only read the resolved value are unaffected, but any monitoring, alerting, or branching logic that keys off FLAG_DISABLED will silently stop triggering. Grep your codebase for FLAG_DISABLED and errorCode checks before upgrading.

主な変更 (4)
  • Disabled flags now return reason=DISABLED with a successful resolution instead of a FLAG_DISABLED error code
  • Resolved values are unchanged — SDKs still surface the caller-provided default, so end-user behavior is identical
  • Breaking impact is narrow: only affects consumers inspecting reason/errorCode, direct gRPC/OFREP callers, or code importing core/pkg/model
  • An Architecture Decision Record (ADR) documents the rationale for this semantic change
原文
月別に見る