- Added capability support for
startupProbe
,readinessProbe
, andlivenessProbe
.
- Fixed service name from being blank.
- Fixed capability usage of
var.service_port
.
- Added
var.service_port
to allow customization of port listening on the private network.
- Fixed more syntax mistakes with iterators on deployment volumes.
- Fixed syntax mistake with iterators on deployment volumes.
- Fixed
claim_name
to be required.
- Fixed invalid Terraform usage of
claim_name
.
- Added support for
hostPath
volumes from capabilities. - Fixed syntax for
persistentVolumeClaim
in k8s deployment. - Added
app_metadata["internal_subdomain"]
for capabilities.
- Fixed liveness/readiness probe (Disabled when
port=0
).
- Fix lockfile.
- Added support for
volumes
andvolume_mounts
from capabilities. - Upgraded
google
TF provider.
- Aligning
service_port
for capabilities to port 80.
- Configured
ClusterIP
service to forward port 80 tovar.port
so thathttp://<service>
resolves.
- Disable
read_only_root_filesystem
. - Updated creation sequence to ensure secrets are created before creating the deployment.
- Use
var.readiness_delay
for liveness probe, switch to tcp liveness probe.
- Added
var.readiness_delay
, switch to tcp readiness probe.
- Added compliance scanning.
- Update
README.md
with application management info. - Configured root file system as read-only.
- Configured requested resources.
- Dropped additional capabilities from the container.
- Configure liveness probe.
- Added optional
var.command
for overriding image CMD.
- Fixed issue where capability variables are generating when null.
- Fixed scheme on readiness probe.
- Fixed references to kubernetes resources.
- Fixed references to kubernetes resources.
- Added
readinessProbe
toService
with default values.
- Fixed
Service
to create Network Endoint Group (NEG).
- Fixed
Service
selector.
- Added
ClusterIP
Service
that exposesvar.port
to the cluster. - Added
service_port
andservice_name
toapp_metadata
so that capabilities know which port is exposed to the cluster.
- Moved connection from
cluster
tocluster-namespace
. - Moved secrets to Google Secrets Manager.
- Configured external-secrets.io secret store to sync k8s secrets with Google Secrets Manager.
- Configured application pod with a kubernetes service account.
- Kubernetes service account has impersonation access to GCP.
- Replace
_
in Kubernetes secret name with-
to make it valid. - Add kubernetes recommended labels. (https://kubernetes.io/docs/concepts/overview/working-with-objects/common-labels/)
- Kubernetes secret name must be lowercase.
- Changed kubernetes secret name to valid name.
- Ensuring GCP labels don't have uppercase characters.
- Revert labels to tags to avoid
.
and/
which are invalid characters in GCP labels.
- Updated google secrets with a valid
secret_id
. - Updated labels to use URI-based labels instead of tags.
- Fixed secret values stored in Google Secrets Manager.
- Use
"latest"
tag if there is no app version.
- Fix kubernetes provider host.
- Added support for environment variable interpolation.
- Renamed variables to drop
service_
prefix. - Upgraded
capabilities.tf.tmpl
to fix various bugs with variable nil values and capability management. - Added standard env vars:
NULLSTONE_STACK
NULLSTONE_APP
NULLSTONE_ENV
NULLSTONE_VERSION
NULLSTONE_COMMIT_SHA
NULLSTONE_PUBLIC_HOSTS
NULLSTONE_PRIVATE_HOSTS
- Add
.terraform.lock.hcl
.