Skip to content

Releases: mathieu-benoit/acm-workshop

v0.1.0

13 Jun 03:36
@mathieu-benoit mathieu-benoit
a061458
937fa9d
Compare
Choose a tag to compare
v0.1.0

Based on the adoption of this workshop by both Googlers and customers, major updates based on feedback have been made with this release. Thanks everyone! Really glad to announce that the release v0.1.0 is out! 🎉

The focus was mainly on improving the usability of this workshop while adding more content.

What's Changed

  • Rename the title of this workshop from Anthos Config Management Workshop to ACM/ASM Workshop
  • Review the names of Host project and Tenant project (before it was respectively Config Controller project and GKE project)
  • Review the Artifact Registry section and interaction with the GKE cluster in order to get a private container registry setup
  • Add more Policies and now use the default Policy Controller library
  • Create a Monitoring section with dedicated pages to monitor ASM version, trace apps, monitor apps health and security, monitor WAF rules, etc.
  • Do not use --man-block anymore on the Config Controller instance in order to simplify the experience with Cloud Shell
  • Use ASM Managed data plane
  • Enable Anthos API in order to get access to Security and ASM UI features
  • Add a dedicated section on the Create Tenant project page in order to fix and work around the limitation when you can't assign the roles/billing.user role to the Config Controller's Google service account
  • Use ACM 1.11.2 for the GKE cluster in Tenant project
  • Add a Shift-left section on some pages in order to illustrate the Constraints evaluation in GitHub actions
  • Remove the config-sync folder in GitHub repositories, not anymore needed since a Config Sync's issue has been fixed
  • Add a Tags link in the navigation bar
  • Add a Release notes link in the navigation bar

Full Changelog: 4d2e1aa...a061458

If you have already deployed this workshop, it will be easier, better and faster to start it again from the beginning as a lot of files and folders have been updated to accomodate all these necessary updates.

Thanks for your continuing feedback!

Loading

v0.0.8

10 May 18:49
@mathieu-benoit mathieu-benoit
4d2e1aa
4d2e1aa
Compare
Choose a tag to compare
v0.0.8

What's Changed

  • ACM 1.11.1 for the GKE cluster
  • Remove apiVersion field in resourceRef because it's now optional since KCC 1.83
  • Replace istio.io/rev label by istio-injection label to simplify the experience with ASM sidecar proxies injection
  • More explanations about the billing.user role restrictions and alternatives (Argolis, etc.)

Full Changelog: 59e90b9...4d2e1aa

Loading

v0.0.7

04 May 14:29
@mathieu-benoit mathieu-benoit
59e90b9
59e90b9
Compare
Choose a tag to compare
v0.0.7

What's Changed

  • Document more options for Config Controller's regions: northamerica-northeast1, asia-northeast1, europe-north1 and australia-southeast1
  • Fix whereami ManagedCertificate's namespace
  • Remove legacySchema: truefromConstraintTemplates` because not leveraged
  • Add asm-ingressgateway Deployment depends-on ControlPlaneRevision
  • Add instruction to create default VPC if not present for Config Controller
  • Change to folder tab first, organization tab second, the former is the most commonly used.

Full Changelog: 8a1b604...59e90b9

Loading

v0.0.6

04 Apr 04:19
@mathieu-benoit mathieu-benoit
8a1b604
8a1b604
Compare
Choose a tag to compare
v0.0.6

What's Changed

  • More depends-on annotations, now 34 KCC resources have this annotation. In the 2 GitHub repositories: Org and GKE Project.
  • Add Mermaid charts to illustrate these depends-on annotations.
  • Use projectRef instead of project-id in ServiceUsage + use resourceID to avoid duplicate name in the same namespace (i.e. in config-control)

Full Changelog: 14ba194...8a1b604

Loading

v0.0.5

31 Mar 14:43
@mathieu-benoit mathieu-benoit
14ba194
14ba194
Compare
Choose a tag to compare
v0.0.5

What's Changed

  • With ACM 1.11.0 now supported by Config Controller, the KCC resources have now the new depends-on annotation when appropriate. 22 KCC resources have this depends-on annotation.

Full Changelog: 424b238...14ba194

Loading

v0.0.3

30 Mar 04:06
@mathieu-benoit mathieu-benoit
cea32e7
cea32e7
Compare
Choose a tag to compare
v0.0.3

What's Changed

  • Kustomize support for OnlineBoutique
  • Kustomize support for Whereami
  • Config Controller's RootSync is now a private GitHub repository (SSH Key pair) for more security (the only one having "sensitive" information so far - the other repositories are still public)
  • Config Sync's RepoSync with edit ClusterRole for Istio resources instead of cluster-admin (to follow the least privilege principle)
  • ConfigManagement 1.11.0 for the GKE cluster (not yet for Config Controller)
  • Add default deny-all AuthorizationPolicy in istio-system for the Mesh instead of per namespace
  • Add credits page under the overview section to callout the contents and authors who inspired this workshop
  • Add release notes link on homepage

Full Changelog: ee4761d...cea32e7

Loading

v0.0.4

30 Mar 20:09
@mathieu-benoit mathieu-benoit
424b238
424b238
Compare
Choose a tag to compare
v0.0.4

What's Changed

  • gh repo create --private for Org repo
  • Fix other frictions and typos in "Set up Config Controller" section

Full Changelog: cea32e7...424b238

Loading

v0.0.2

15 Mar 23:15
@mathieu-benoit mathieu-benoit
ee4761d
ee4761d
Compare
Choose a tag to compare
v0.0.2

Official first public release where end-users can run this workshop end to end! 🎉

Full Changelog: f95141b...ee4761d

Loading

v0.0.1

17 Feb 21:15
@mathieu-benoit mathieu-benoit
f95141b
f95141b
Compare
Choose a tag to compare
v0.0.1 Pre-release
Pre-release

Initial release with initial basic/empty acm-workshop website

Loading