Skip to content

Latest commit



1111 lines (826 loc) · 150 KB

File metadata and controls

1111 lines (826 loc) · 150 KB

This file will no longer be updated. Instead, refer to generated changelog/generated/<version>.md



  • Enabled definition of custom categories encoded as JSON file(s) for the operatorhub validator. (#4109)


  • Improved ansible-operator and helm-operator help text. (#4187)
  • When generating bundles and package manifests, add all resources supported by OLM. (#4137)
  • olm and run subcommands will print aggregated resource errors when either OLM or an operator fail to install, respectively. (#3787)
  • Upgraded from v0.6.2 to v0.6.3. (#4062)

Bug Fixes

  • Set a generated CSV's .spec.webhookdefinitions[].{targetPort,containerPort} values from webhook Service ports. (#4178)
  • Excluded to fix CVE-2018-1098. (#4199)
  • Added the kustomize make dependency to the bundle target scaffolded for Golang projects to install kustomize before running. (#4090)
  • Fixed an issue in operator-sdk cleanup that caused CatalogSource and OperatorGroup objects not to be cleaned up if a previous operator-sdk run command failed. (#4089)
  • Fixed an issue during CSV generation that caused incorrect paths to be used in specDescriptors and statusDescriptors. (#4166)
  • In Helm projects, fixed operator RBAC permissions to support the OwnerReferencesPermissionEnforcement admission plugin by adding a <resource>/finalizers rule in the operator's role. (#4105)
  • Removed redundant platform information from operator-sdk version output. (#4083)
  • Format version string passed to olm subcommands so releases download correctly. (#4181)
  • In Go, Ansible, and Helm operators, updated the metrics-reader ClusterRole to use to be consistent with all other scaffolded RBAC resources. (#4136)
  • Modified olm-status-descriptors-test to only validate if the status-descriptors are present in CRD. (#4009)
  • Webhook container port specified in CSV defaults to 443 if not specified by the user. (#4109)
  • For Golang based operators with multigroup support, fixed envtest.Environment.CRDDirectoryPaths in scaffolded controllers/<group>/suite_test.go files. (#4062)



  • For Ansible-based Operator, add .gitignore file. (#3806)
  • Added the --select-optional flag to bundle validate to pass a label selector that runs any matching optional validator on top of required validators, and --list-optional to display optional validators, their selectors, and a short explanation of what each does. (#3719)
  • Added the optional validator to bundle validate, which can be run by setting --select-optional=name=operatorhub or --select-optional=suite=operatorframework. (#3719)
  • Added the run bundle command. (#3988)
  • Added new base image assets containing the Operator-SDK CLI at (#3902)
  • Removed stale unix sockets. This allows for smoother initialization during the start-up of an Ansible operator, as each operator will clean up its sockets during termination. (#3721)
  • Added feature to the command operator-sdk olm install that allows installing OLM version 0.15.1 without fetching the manifest from Github. (#3906)
  • Re-enabled s390x docker image builds. (#3855)


  • In ansible-operator and helm-operator run commands, print git commit when logging version information. (#3849)
  • For Ansible/Helm, fix multigroup message. (#3822)
  • For Helm-based Operators, cleanup the file .gitignore in order to not have invalid instructions for the type. (#3810)
  • Updated scorecard-test-kuttl image to kuttl v0.6.1. (#3659)
  • Updated scorecard-test-kuttl image to kuttl v0.5.2. (#3659)
  • Updated scorecard-test-kuttl image to use latest kuttl. (#3711)
  • Updated the Makefile to build multiarch versions of the scorecard-test-kuttl and custom-scorecard-tests images to match the scorecard-test image. (#3821)

Bug Fixes

  • generate <bundle|packagemanifests> will populate a CSV's webhookDefinition[].deploymentName by selecting an input Deployment via its PodTemplate labels using a webhook Service's label selectors, defaulting to "<>-service" if none is selected. (#3761)
  • Resolves an issue with default channel bundle validation. The default channel label is not required. (#3953)
  • Fixed debug logging in the bundle validate subcommand of operator-sdk. (#3795)
  • generate <bundle|packagemanifests> now generates a CSV base with only the AllNamespaces install mode supported by default, since projects are cluster-scoped by default. (#3746)
  • generate <bundle|packagemanifests> now defaults a CSV's spec.webhookDefinition[].admissionReviewVersions to []string{"v1beta1"}, as an empty or null value is invalid. (#3903)
  • generate <bundle|packagemanifests> now defaults a CSV's spec.webhookDefinition[].sideEffects to "None", as an empty or null value is invalid. (#3903)
  • The scaffolded manager deployment for Ansible-based Operators now has the ANSIBLE_GATHERING option set to explicit. Additionally, if the ANSIBLE_GATHERING environment variable is set to explicit when running a role directly, the --role-skip-facts argument will be passed to ansible-runner. (#3933)
  • Added kubernetes authentication clients to ansible-operator and helm-operator to enable authentication to gcp, azure, etc. kubernetes clusters. (#3974)
  • Fixed a bug with run packagemanifests that caused the underlying registry pod to fail to start. Changed the registry pod image from to (#3856)
  • When generating bundles and packagemanifests, remove metadata.namespace from namespaced resources when writing them into the manifests directory to avoid validation errors. (#3813)
  • Fixed a bug that caused the Helm operator not to set the InstallSuccessful and UpgradeSuccessful status reasons when the status update fails during installation and upgrade. (#3735)
  • Bumped helm and k8s dependencies to v3.3.4 and v1.18.8 to fix this upstream bug. (#3936)
  • In Ansible projects, fix operator permissions for Openshift deployments by adding a <resource>/finalizers rule in the operator's role. (#3779)
  • In Go projects, resolved an issue that caused failing tests by changing the Makefile's test target to automatically download and configure the necessary envtest binaries. (#3983)
  • Inform user to verify the presence of olm deployment manifests in github when olm install command gives a 404 http error. (#3907)
  • Prevent run packagemanifests from creating an OperatorGroup if one already exists in a namespace, and use that OperatorGroup if its target namespaces exactly match those passed in --install-mode. See #3681. (#3689)
  • Resolved an issue that caused bundle validation to unnecessarily restrict CSV names to a specific format. Now, only DNS-1123 subdomain validity is verified. (#3887)
  • Stop reconciling tasks when the event raised is a rescue in Ansible-based Operators. More info: Bugzilla 1856714. (#3650)
  • Fix an issue in run packagemanifests where the registry server writes files in locations that require root. (#3867)
  • When scaffolding scorecard configurations, use release versions instead of latest in image tags. (#3845)


Bug Fixes

  • Fixed a bug with run packagemanifests that caused the underlying registry pod to fail to start. Changed the registry pod image from to (#3895)
  • Resolved an issue that caused bundle validation to unnecessarily restrict CSV names to a specific format. Now, only DNS-1123 subdomain validity is verified. (#3888)
  • Fix an issue in run packagemanifests where the registry server writes files in locations that require root. (#3895)
  • Fixed debug logging in the bundle validate subcommand of operator-sdk. (#3899)
  • generate <bundle|packagemanifests> now generates a CSV base with only the AllNamespaces install mode supported by default, since projects are cluster-scoped by default. (#3899)
  • When generating bundles and packagemanifests, remove metadata.namespace from namespaced resources when writing them into the manifests directory to avoid validation errors. (#3899)
  • Fixed a bug that caused the Helm operator not to set the InstallSuccessful and UpgradeSuccessful status reasons when the status update fails during installation and upgrade. (#3899)
  • In Helm projects, fix operator permissions for Openshift deployments by adding a <resource>/finalizers rule in the operator's role. (#3899)
  • Prevent run packagemanifests from creating an OperatorGroup if one already exists in a namespace, and use that OperatorGroup if its target namespaces exactly match those passed in --install-mode. See #3681. (#3899)
  • Stop reconciling tasks when the event raised is a rescue in Ansible-based Operators. More info: Bugzilla 1856714. (#3650)
  • When scaffolding scorecard configurations, use release versions instead of latest in image tags. (#3899)
  • generate <bundle|packagemanifests> will populate a CSV's webhookDefinition[].deploymentName by selecting an input Deployment via its PodTemplate labels using a webhook Service's label selectors, defaulting to "<>-service" if none is selected. (#3904)


Since v0.19


  • The Ansible and Helm operators have a version subcommand that prints the version information for the ansible-operator and helm-operator binaries. (#3596)
  • Added --ansible-args command-line flag that allows users to specify arbitrary CLI arguments for Ansible-based operators that are passed through ansible-runner. For example, passing --ansible-vault as an arbitrary argument allows user to store sensitive data in encrypted files. (#3374)
  • generate bundle and generate packagemanifests will write RBAC objects (Roles, RoleBindings, their Cluster equivalents, and ServiceAccounts) not bound to CSV deployment service accounts to the resulting manifests directory. (#3610)
  • The snakeCaseParameters option has been added to the watches.yaml for Ansible-based Operators. This allows the user to configure whether parameters in the resource spec are automatically converted from camelCase to snake_case. The default is true, so there is no behavior change for existing operators, but it can now be disabled. (#3245)
  • Added projectName key to the PROJECT config file (v3-alpha+). (#3438)
  • Added the --from-version flag to generate packagemanifests. (#3509)
  • The generate bundle command now adds scorecard bundle metadata to bundle.Dockerfile and annotations.yaml if --overwrite is set (the default in a project's Makefile) or both files do not exist. (#3474)
  • Added config/scorecard kustomize scaffolds to init. (#3490)


  • Breaking change: Changed the plugin to only write a plugins PROJECT field and run the OLM integration and scorecard plugins if the project version is "3-alpha" or above. (#3697)
  • Breaking change: Added a scaffold marker +kubebuilder:scaffold:manifestskustomizesamples to config/samples/kustomization.yaml that allows updates without overwriting the entire file. (#3645)
  • Breaking change: Added IMG argument to bundle make rule that accepts an operator image tag. This tag will be inserted into the manager's deployment manifest when make bundle IMG=<tag> is run. (#3634)
  • Breaking change: Updated operator-sdk cleanup command to be more generic. (#3644)
  • Breaking change: Default install mode for run packagemanifests changed from OwnNamespace to AllNamespaces. (#3663)
  • Breaking change: The Ansible and Helm operators now use controller-runtime's zap package to define logging flags. (#3596)
  • Breaking change: The Ansible and Helm operators now use a run subcommand to run the operator. (#3596)
  • The generate bundle subcommand no longer requires a default channel be set nor defaults to the first channel provided to --channels. (#3602)
  • The bundle validate subcommand no longer returns an error if a bundle does not have a default channel. (#3602)
  • Breaking change: The --update-crds flag has been renamed to --update-objects for the generate packagemanifests subcommand. (#3610)
  • Breaking change: Changed --operator-version flag to --version in run packagemanifests. (#3599)
  • Breaking change: Changed --operator-namespace flag to --namespace in run packagemanifests. (#3601)
  • Use structured logging in Ansible and Helm operator base images when printing version information. (#3564)
  • The Ansible and Helm-based operators now use the controller-runtime's lease-based leader election instead of SDK's leader-for-life mechanism. (#3457) & (#3446)
  • Breaking change: Added --metrics-addr flag to the Ansible and Helm-based operators to make it configurable, and changed the default port from :8383 to :8080. (#3489) & (#3440)
  • Breaking change: Changed domain suffix used for plugins and CR annotations to consistently use (#3527)
  • Breaking change: Removed the implementation for EnqueueRequestForAnnotation handler from the SDK repository and referenced it from operator-lib instead. (#3506)
  • Breaking change: The Ansible operator implementation in pkg/ansible was moved to internal/ansible. (#3560)
  • Breaking change: The Helm operator implementation in pkg/helm was moved to internal/helm. (#3537)
  • Breaking change: The Ansible operator's --max-workers flag and WORKERS_<Kind>_<Group> environment variable have been renamed to --max-concurrent-reconciles and MAX_CONCURRENT_RECONCILES_<Kind>_<Group> respectively. (#3452)
  • Breaking change: The meta variable passed to Ansible playbooks and roles has been renamed to ansible_operator_meta. (#3562)
  • Breaking change: The scorecard configuration is now implemented as a componentconfig object and now includes a new top-level stages field, which allows users to define stages of tests and to enable parallelism within each stage. (#3490) & (#3434)
  • When a namespace is not provided on the command line, the scorecard command now looks for a namespace in the kubeconfig. If a namespace can not be found in the kubeconfig file, then 'default' is used. (#3478)
  • Use on-disk bundle metadata in scorecard (either unpacked from an image or directly if a directory is passed) as the source of truth for bundle metadata, and not image labels which are informative only. (#3450)
  • Breaking change: The alpha scorecard command has been promoted to the standard scorecard command. (#3444)
  • Breaking change: Changed scorecard text and json output to use a v1alpha3.TestList instead of aggregating all test results under a single v1alpha3.Test and set exit status to 1 when a test fails. (#3427)
  • Ansible & Helm-based Operators switched to using the InstrumentedEnqueueRequestForObject from operator-lib instead of controller-runtime's EnqueueRequestForObject. (#3523)


  • Breaking change: Removed olm-namespace flag from operator-sdk olm install command. (#3670)
  • Breaking change: Docker images for s390x architecture are removed due to issues with s390x machines failing to be scheduled and run in Travis CI. (#3710)
  • Breaking change: Moved scorecard API v1alpha3 to the api repo under pkg/apis/scorecard/v1alpha3. All future scorecard APIs will be released in this repo. (#3622)
  • Breaking change: Removed package version. (#3617)
  • Breaking change: Removed --operator-name from generate subcommands in favor of using project-name from the PROJECT config file (v3-alpha+). (#3530)
  • Breaking change: Removed --include-paths flag from run packagemanifests. (#3599)
  • Breaking change: Removed --olm-namespace flag from run packagemanifests. (#3601)
  • Breaking change: Removed support for the legacy layout. Operator SDK has a new CLI and project layout that is aligned with Kubebuilder. (#3327) (#3343) (#3547) (#3566) (#3343) (#3466) (#3531) (#3451) (#3414) (#3414) (#3414) (#3414) (#3385) (#3406)
  • Breaking change: Moved pkg/log/zap to internal/log/zap, therefore it is no longer a public API. (#3525)
  • Breaking change: Removed pkg/predicate: ResourceFilterPredicate. (#3532)
  • Breaking change: Refactored and moved pkg/predicate.GenerationChangedPredicate (see this operator-lib PR for details). (#3532)
  • Breaking change: Removed test subcommand and the test framework pkg/test. (#3409)
  • Breaking change: Removed pkg/k8sutils and its helpers methods GetWatchNamespace(), GetOperatorNamespace(), GetOperatorName(), ResourceExists(), GetPod(), GetGVKsFromAddToScheme() and SupportsOwnerReference(). (#3475)
  • Breaking change: Removed pkg/kube-metrics and its associated helpers NewNamespacedMetricsStores(), NewClusterScopedMetricsStores(), ServeMetrics(), and GenerateAndServeCRMetrics(). (#3484)
  • Breaking change: Removed pkg/leader and pkg/status. These are now part of operator-lib. (#3503)
  • Breaking change: Removed pkg/metrics and its helpers GenerateAndServeCRMetrics() and GetNamespacesForMetrics(). (#3484)
  • Breaking change: Removed pkg/ready and its helper utils Ready, Set(), Unset(). (#3476)
  • Breaking change: Removed pkg/tls since that pkg is a leftover from an earlier effort to make certificate management easier, but was abandoned in favor of alternatives like cert-manager. (#3468)

Bug Fixes

  • Fixed incorrect (cluster) role name assignments in generated CSVs #3600. (#3610)
  • Fixed a bug that caused the Ansible operator not to set the environment variables ANSIBLE_ROLES_PATH and ANSIBLE_COLLECTIONS_PATH based on the flags --ansible-roles-path and --ansible-collections-path. (#3549)
  • Use group and kind instead of only kind when parsing manifests in the CSV generator to avoid marshaling them into the wrong Go types. (#3334)
  • Fixed issue that caused scorecard to fail loading local bundle due to a bug search method for the bundle metadata directory. (#3408)
  • Fixed CVE-2020-14040 by updating to (#3458)
  • The scorecard subcommand now removes existing pods if the --wait-time deadline is exceeded and --skip-cleanup=false (the default). Fixes #3419. (#3526)
  • Fixed a bug in scorecard that caused tests to fail with permission errors when loading the bundle. (#3428)

Since v1.0.0-alpha.2


  • Breaking change: Changed the plugin to only write a plugins PROJECT field and run the OLM integration and scorecard plugins if the project version is "3-alpha" or above. (#3697)
  • Breaking change: Added a scaffold marker +kubebuilder:scaffold:manifestskustomizesamples to config/samples/kustomization.yaml that allows updates without overwriting the entire file. (#3645)
  • Breaking change: Added IMG argument to bundle make rule that accepts an operator image tag. This tag will be inserted into the manager's deployment manifest when make bundle IMG=<tag> is run. (#3634)
  • Breaking change: Updated operator-sdk cleanup command to be more generic. (#3644)
  • Breaking change: Default install mode for run packagemanifests changed from OwnNamespace to AllNamespaces. (#3663)


  • Breaking change: Removed olm-namespace flag from operator-sdk olm install command. (#3670)
  • Breaking change: Docker images for s390x architecture are removed due to issues with s390x machines failing to be scheduled and run in Travis CI. (#3710)



  • The Ansible and Helm operators have a version subcommand that prints the version information for the ansible-operator and helm-operator binaries. (#3596)
  • Added --ansible-args command-line flag that allows users to specify arbitrary CLI arguments for Ansible-based operators that are passed through ansible-runner. For example, passing --ansible-vault as an arbitrary argument allows user to store sensitive data in encrypted files. (#3374)
  • generate bundle and generate packagemanifests will write RBAC objects (Roles, RoleBindings, their Cluster equivalents, and ServiceAccounts) not bound to CSV deployment service accounts to the resulting manifests directory. (#3610)


  • Breaking change: The Ansible and Helm operators now use controller-runtime's zap package to define logging flags. (#3596)
  • Breaking change: The Ansible and Helm operators now use a run subcommand to run the operator. (#3596)
  • The generate bundle subcommand no longer requires a default channel be set nor defaults to the first channel provided to --channels. (#3602)
  • The bundle validate subcommand no longer returns an error if a bundle does not have a default channel. (#3602)
  • Breaking change: The --update-crds flag has been renamed to --update-objects for the generate packagemanifests subcommand. (#3610)
  • Breaking change: Changed --operator-version flag to --version in run packagemanifests. (#3599)
  • Breaking change: Changed --operator-namespace flag to --namespace in run packagemanifests. (#3601)


  • Breaking change: Moved scorecard API v1alpha3 to the api repo under pkg/apis/scorecard/v1alpha3. All future scorecard APIs will be released in this repo. (#3622)
  • Breaking change: Removed package version. (#3617)
  • Breaking change: Removed --operator-name from generate subcommands in favor of using project-name from the PROJECT config file (v3-alpha+). (#3530)
  • Breaking change: Removed --include-paths flag from run packagemanifests. (#3599)
  • Breaking change: Removed --olm-namespace flag from run packagemanifests. (#3601)

Bug Fixes

  • Fixed incorrect (cluster) role name assignments in generated CSVs #3600. (#3610)



  • The snakeCaseParameters option has been added to the watches.yaml for Ansible-based Operators. This allows the user to configure whether parameters in the resource spec are automatically converted from camelCase to snake_case. The default is true, so there is no behavior change for existing operators, but it can now be disabled. (#3245)
  • Added projectName key to the PROJECT config file (v3-alpha+). (#3438)
  • Added the --from-version flag to generate packagemanifests. (#3509)
  • The generate bundle command now adds scorecard bundle metadata to bundle.Dockerfile and annotations.yaml if --overwrite is set (the default in a project's Makefile) or both files do not exist. (#3474)
  • Added config/scorecard kustomize scaffolds to init. (#3490)


  • Use structured logging in Ansible and Helm operator base images when printing version information. (#3564)
  • The Ansible and Helm-based operators now use the controller-runtime's lease-based leader election instead of SDK's leader-for-life mechanism. (#3457) & (#3446)
  • Breaking change: Added --metrics-addr flag to the Ansible and Helm-based operators to make it configurable, and changed the default port from :8383 to :8080. (#3489) & (#3440)
  • Breaking change: Changed domain suffix used for plugins and CR annotations to consistently use (#3527)
  • Breaking change: Removed the implementation for EnqueueRequestForAnnotation handler from the SDK repository and referenced it from operator-lib instead. (#3506)
  • Breaking change: The Ansible operator implementation in pkg/ansible was moved to internal/ansible. (#3560)
  • Breaking change: The Helm operator implementation in pkg/helm was moved to internal/helm. (#3537)
  • Breaking change: The Ansible operator's --max-workers flag and WORKERS_<Kind>_<Group> environment variable have been renamed to --max-concurrent-reconciles and MAX_CONCURRENT_RECONCILES_<Kind>_<Group> respectively. (#3452)
  • Breaking change: The meta variable passed to Ansible playbooks and roles has been renamed to ansible_operator_meta. (#3562)
  • Breaking change: The scorecard configuration is now implemented as a componentconfig object and now includes a new top-level stages field, which allows users to define stages of tests and to enable parallelism within each stage. (#3490) & (#3434)
  • When a namespace is not provided on the command line, the scorecard command now looks for a namespace in the kubeconfig. If a namespace can not be found in the kubeconfig file, then 'default' is used. (#3478)
  • Use on-disk bundle metadata in scorecard (either unpacked from an image or directly if a directory is passed) as the source of truth for bundle metadata, and not image labels which are informative only. (#3450)
  • Breaking change: The alpha scorecard command has been promoted to the standard scorecard command. (#3444)
  • Breaking change: Changed scorecard text and json output to use a v1alpha3.TestList instead of aggregating all test results under a single v1alpha3.Test and set exit status to 1 when a test fails. (#3427)
  • Ansible & Helm-based Operators switched to using the InstrumentedEnqueueRequestForObject from operator-lib instead of controller-runtime's EnqueueRequestForObject. (#3523)


  • Breaking change: Removed support for the legacy layout. Operator SDK has a new CLI and project layout that is aligned with Kubebuilder. (#3327) (#3343) (#3547) (#3566) (#3343) (#3466) (#3531) (#3451) (#3414) (#3414) (#3414) (#3414) (#3385) (#3406)
  • Breaking change: Moved pkg/log/zap to internal/log/zap, therefore it is no longer a public API. (#3525)
  • Breaking change: Removed pkg/predicate: ResourceFilterPredicate. (#3532)
  • Breaking change: Refactored and moved pkg/predicate.GenerationChangedPredicate (see this operator-lib PR for details). (#3532)
  • Breaking change: Removed test subcommand and the test framework pkg/test. (#3409)
  • Breaking change: Removed pkg/k8sutils and its helpers methods GetWatchNamespace(), GetOperatorNamespace(), GetOperatorName(), ResourceExists(), GetPod(), GetGVKsFromAddToScheme() and SupportsOwnerReference(). (#3475)
  • Breaking change: Removed pkg/kube-metrics and its associated helpers NewNamespacedMetricsStores(), NewClusterScopedMetricsStores(), ServeMetrics(), and GenerateAndServeCRMetrics(). (#3484)
  • Breaking change: Removed pkg/leader and pkg/status. These are now part of operator-lib. (#3503)
  • Breaking change: Removed pkg/metrics and its helpers GenerateAndServeCRMetrics() and GetNamespacesForMetrics(). (#3484)
  • Breaking change: Removed pkg/ready and its helper utils Ready, Set(), Unset(). (#3476)
  • Breaking change: Removed pkg/tls since that pkg is a leftover from an earlier effort to make certificate management easier, but was abandoned in favor of alternatives like cert-manager. (#3468)

Bug Fixes

  • Fixed a bug that caused the Ansible operator not to set the environment variables ANSIBLE_ROLES_PATH and ANSIBLE_COLLECTIONS_PATH based on the flags --ansible-roles-path and --ansible-collections-path. (#3549)
  • Use group and kind instead of only kind when parsing manifests in the CSV generator to avoid marshaling them into the wrong Go types. (#3334)
  • Fixed issue that caused scorecard to fail loading local bundle due to a bug search method for the bundle metadata directory. (#3408)
  • Fixed CVE-2020-14040 by updating to (#3458)
  • The scorecard subcommand now removes existing pods if the --wait-time deadline is exceeded and --skip-cleanup=false (the default). Fixes #3419. (#3526)
  • Fixed a bug in scorecard that caused tests to fail with permission errors when loading the bundle. (#3428)



  • The snakeCaseParameters option has been added to the watches.yaml for Ansible-based Operators. This allows the user to configure whether parameters in the resource spec are automatically converted from camelCase to snake_case. The default is true, so there is no behavior change for existing operators, but it can now be disabled. (#3245)
  • Added projectName key to the PROJECT config file (v3-alpha+). (#3438)
  • Added the --from-version flag to generate packagemanifests. (#3509)
  • The generate bundle command now adds scorecard bundle metadata to bundle.Dockerfile and annotations.yaml if --overwrite is set (the default in a project's Makefile) or both files do not exist. (#3474)
  • Added config/scorecard kustomize scaffolds to init. (#3490)


  • Use structured logging in Ansible and Helm operator base images when printing version information. (#3564)
  • The Ansible and Helm-based operators now use the controller-runtime's lease-based leader election instead of SDK's leader-for-life mechanism. (#3457) & (#3446)
  • Breaking change: Added --metrics-addr flag to the Ansible and Helm-based operators to make it configurable, and changed the default port from :8383 to :8080. (#3489) & (#3440)
  • Breaking change: Changed domain suffix used for plugins and CR annotations to consistently use (#3527)
  • Breaking change: Removed the implementation for EnqueueRequestForAnnotation handler from the SDK repository and referenced it from operator-lib instead. (#3506)
  • Breaking change: The Ansible operator implementation in pkg/ansible was moved to internal/ansible. (#3560)
  • Breaking change: The Helm operator implementation in pkg/helm was moved to internal/helm. (#3537)
  • Breaking change: The Ansible operator's --max-workers flag and WORKERS_<Kind>_<Group> environment variable have been renamed to --max-concurrent-reconciles and MAX_CONCURRENT_RECONCILES_<Kind>_<Group> respectively. (#3452)
  • Breaking change: The meta variable passed to Ansible playbooks and roles has been renamed to ansible_operator_meta. (#3562)
  • Breaking change: The scorecard configuration is now implemented as a componentconfig object and now includes a new top-level stages field, which allows users to define stages of tests and to enable parallelism within each stage. (#3490) & (#3434)
  • When a namespace is not provided on the command line, the scorecard command now looks for a namespace in the kubeconfig. If a namespace can not be found in the kubeconfig file, then 'default' is used. (#3478)
  • Use on-disk bundle metadata in scorecard (either unpacked from an image or directly if a directory is passed) as the source of truth for bundle metadata, and not image labels which are informative only. (#3450)
  • Breaking change: The alpha scorecard command has been promoted to the standard scorecard command. (#3444)
  • Breaking change: Changed scorecard text and json output to use a v1alpha3.TestList instead of aggregating all test results under a single v1alpha3.Test and set exit status to 1 when a test fails. (#3427)
  • Ansible & Helm-based Operators switched to using the InstrumentedEnqueueRequestForObject from operator-lib instead of controller-runtime's EnqueueRequestForObject. (#3523)


  • Breaking change: Removed support for the legacy layout. Operator SDK has a new CLI and project layout that is aligned with Kubebuilder. (#3327) (#3343) (#3547) (#3566) (#3343) (#3466) (#3531) (#3451) (#3414) (#3414) (#3414) (#3414) (#3385) (#3406)
  • Breaking change: Moved pkg/log/zap to internal/log/zap, therefore it is no longer a public API. (#3525)
  • Breaking change: Removed pkg/predicate: ResourceFilterPredicate. (#3532)
  • Breaking change: Refactored and moved pkg/predicate.GenerationChangedPredicate (see this operator-lib PR for details). (#3532)
  • Breaking change: Removed test subcommand and the test framework pkg/test. (#3409)
  • Breaking change: Removed pkg/k8sutils and its helpers methods GetWatchNamespace(), GetOperatorNamespace(), GetOperatorName(), ResourceExists(), GetPod(), GetGVKsFromAddToScheme() and SupportsOwnerReference(). (#3475)
  • Breaking change: Removed pkg/kube-metrics and its associated helpers NewNamespacedMetricsStores(), NewClusterScopedMetricsStores(), ServeMetrics(), and GenerateAndServeCRMetrics(). (#3484)
  • Breaking change: Removed pkg/leader and pkg/status. These are now part of operator-lib. (#3503)
  • Breaking change: Removed pkg/metrics and its helpers GenerateAndServeCRMetrics() and GetNamespacesForMetrics(). (#3484)
  • Breaking change: Removed pkg/ready and its helper utils Ready, Set(), Unset(). (#3476)
  • Breaking change: Removed pkg/tls since that pkg is a leftover from an earlier effort to make certificate management easier, but was abandoned in favor of alternatives like cert-manager. (#3468)

Bug Fixes

  • Fixed a bug that caused the Ansible operator not to set the environment variables ANSIBLE_ROLES_PATH and ANSIBLE_COLLECTIONS_PATH based on the flags --ansible-roles-path and --ansible-collections-path. (#3549)
  • Use group and kind instead of only kind when parsing manifests in the CSV generator to avoid marshaling them into the wrong Go types. (#3334)
  • Fixed issue that caused scorecard to fail loading local bundle due to a bug search method for the bundle metadata directory. (#3408)
  • Fixed CVE-2020-14040 by updating to (#3458)
  • The scorecard subcommand now removes existing pods if the --wait-time deadline is exceeded and --skip-cleanup=false (the default). Fixes #3419. (#3526)
  • Fixed a bug in scorecard that caused tests to fail with permission errors when loading the bundle. (#3428)



  • In ansible-operator and helm-operator, print git commit when logging version information. (#3850)

Bug Fixes

  • Resolved an issue that caused bundle validation to unnecessarily restrict CSV names to a specific format. Now, only DNS-1123 subdomain validity is verified. (#3886)
  • Fixed a bug with run packagemanifests that caused the underlying registry pod to fail to start. Changed the registry pod image from to (#3894)
  • Fix an issue in run packagemanifests where the registry server writes files in locations that require root. (#3894)
  • Fix the migration guide link in the deprecation message of operator-sdk. (#3876)



  • Breaking change: Changed the plugin to only write a plugins PROJECT field and run the OLM integration plugin if the project version is "3-alpha" or above. (#3716)
  • Fix CVE-2020-14040 by upgrading to v0.3.3. (#3459)

Bug Fixes

  • Fixed debug logging in the bundle validate subcommand of operator-sdk. (#3812)
  • Fixed incorrect (cluster) role name assignments in generated CSVs #3600. (#3714)
  • Fixed issue that caused scorecard to fail loading local bundle due to a bug search method for the bundle metadata directory. (#3829)
  • Stop reconciling tasks when the event raised is a rescue in Ansible-based Operators. More info: Bugzilla 1856714. (#3727)



  • The generate bundle subcommand no longer requires a default channel be set nor defaults to the first channel provided to --channels. (#3605)
  • The bundle validate subcommand no longer returns an error if a bundle does not have a default channel. (#3605)



  • Added the --from-version flag to generate packagemanifests. (#3524)

Bug Fixes

  • Fixed a bug that caused the Ansible operator not to set the environment variables ANSIBLE_ROLES_PATH and ANSIBLE_COLLECTIONS_PATH based on the flags --ansible-roles-path and --ansible-collections-path. (#3565)



  • Add "panic" level for --zap-stacktrace-level (allows "debug", "info", "error", "panic"). (#3040)
  • The operator-sdk binary has a new CLI workflow and project layout for scaffolding Go operators that is aligned with Kubebuilder's CLI and project layout. See the new Quickstart Guide and the new CLI reference for more details. (#3190)
  • bundle validate can now use a containerd image ("none") tool to unpack images, removing the need for an external image tool like docker/podman. (#3222)
  • The SDK scorecard command adds a new test image, scorecard-test-kuttl, that allows end users to write and execute kuttl based tests. (#3278)
  • Add "--olm-namespace" flag to olm subcommands (install, uninstall) to allow users to specify the namespace where olm is to be installed or uninstalled. (#3300)
  • Add sdk annotations to bundle resources (CSVs, annotations.yaml and bundle.dockerfile). (#3120)
  • Add "--version" flag to olm subcommands (uninstall, status) to allow users to override the version of olm inferred from packageserver's CSV. (#3279)
  • Alias run packagemanifests as run pm. (#3314)
  • add generate kustomize manifests subcommand for new project layouts. (#3258)
  • add generate packagemanifests subcommand for legacy project layouts. (#3149)
  • add generate packagemanifests subcommand for new project layouts. (#3096)
  • Added predicate filtering function for labels based on selectors specified in watches.yaml. Events of resources that match the selector's labels will be skipped. (#3275)
  • Add builds for ansible-operator and helm-operator binaries. (#3363)
  • Add new scorecard APIVersion "" and types. (#3125)


  • Breaking change: Prevent the ansible-operator from mangling variables containing the uppercase representations of special words (e.g IP, HTTP, etc). (#3265)
  • Breaking change: In Helm-based operators, the UpdateSuccessful condition reason was renamed to UpgradeSuccessful to better align with Helm nomenclature. (#3345)
  • Breaking change: In Helm-based operators, the UpdateError condition reason was renamed to UpgradeError to better align with Helm nomenclature. (#3269)
  • Upgrade Helm dependency for Helm based-Operators from v3.2.0 to v3.2.4 in order to fix CVE-2020-4053. (#3313)
  • Change default value of --overwrite flag in operator-sdk generate bundle to true. (#3280)
  • The scorecard-test-kuttl image was updated to be based off the v0.5.1 version of kudobuilder/kuttl. This update fixes bugs found in kuttl v0.5.0. (#3369)
  • The alpha scorecard subcommand now outputs results as a Test instead of a ScorecardOutput. As a result, the --list argument will now just output a list of tests, without associated labels. (#3208)


  • The operator-sdk new command no longer supports scaffolding new Go projects with the --type=Go flag. To scaffold new projects, users are expected to use operator-sdk init as part of the new CLI for Go operators. (#3190)


  • With the introduction of the new Kubebuilder aligned CLI and project layout for Go operators, the old CLI will still continue to work for Go projects scaffolded in the old layout with operator-sdk new. However the old CLI is now deprecated and will be removed in a future release. (#3190)
  • The migrate sub-command is deprecated. (#3319)
  • Deprecate 'operator-sdk add crd'. Use 'operator-sdk add api' instead. (#3180)
  • bundle create is deprecated in favor of a combination of generate bundle and docker build -f bundle.Dockerfile .... (#3323)
  • generate csv is deprecated in favor of generate bundle or generate packagemanifests. (#3322)
  • The flag --git-init in the new command was deprecated. (#3241)

Bug Fixes

  • fix leader election of follower showing that an old leader will be evicted when the current leader is healthy. (#3059)
  • Fix bug in operator-sdk bundle validation that causes erroneous validation errors when the number of annotations in an existing annotations.yaml does not equal the number of default bundle annotations by upgrading the operator-registry dependency. (#3221)
  • Fix the download URL for the tini binary on ARM64 for the ansible operator base image. (#3234)
  • The generate crds subcommand now checks for the existence of the pkg/apis directory and logs a descriptive fatal error message if it does not exist or is not a directory. (#3091)
  • Fix bug in bundle validate that erroneously causes errors when a CRD manifest contains versions not present in a bundled CSV by bumping the api library version. (#3282)
  • Bump api validation library to fix "CRD key not found" validation bug. (#3154)


Bug Fixes

  • Fix leader election of follower showing that an old leader will be evicted when the current leader is healthy. (#3164)
  • Bump api validation library to fix "CRD key not found" validation bug. (#3167)



  • The Ansible operator now includes a healthz endpoint and liveness probe. All operators will now have a running healthz endpoint (not publicly exposed) without changes. (#2936)
  • Adds the ability for Helm operators to properly watch and reconcile when cluster-scoped release resources are changed. (#2987)
  • The CSV generator adds admission webhook config manifests present in --deploy-dir to new and existing CSV manifests. (#2729)
  • Add 'run packagemanifests' subcommand, which has the same functionality of the deprecated 'run --olm' mode. (#3016)
  • 'bundle generate' generates bundles for current project layouts; this has the same behavior as 'generate csv --make-manifests=true'. (#3088)
  • Set a default channel to the channel supplied to 'bundle create --channels=' if exactly one channel is set. (#3124)
  • Add '--kubeconfig' flag to '<run|cleanup> packagemanifests'. (#3067)
  • Add support for additional API creation for Anisble/Helm based operators. (#2703)
  • Add flag --interactive to the command operator-sdk generate csv in order to enable working with interactive prompts while generating CSV. (#2891)
  • Add new hidden alpha flag --output to print the result of operator-sdk bundle validate in JSON format to stdout. Logs are printed to stderr. (#3011)
  • Add 'run local' subcommand, which has the same functionality of the deprecated 'run --local' mode. (#3067)
  • Add scorecard-test image push targets into Makefile. (#3107)


  • In Helm-based operators, reconcile logic now uses three-way strategic merge patches for native kubernetes objects so that array patch strategies are correctly honored and applied. (#2869)
  • 'bundle validate' will print errors and warnings from validation. (#3083)
  • Breaking change: Set bundle dir permissions to 0755 so they can be read by in-cluster tooling. (#3129)
  • Breaking change: Changed the default CRD version from to for commands that create or generate CRDs. (#2874)
  • Changed default API version for new Helm-based operators to helm.operator-sdk/v1alpha1. The domain is reserved, so CRDs should not use it without explicit appproval. See the API Review Process for details. (#2859)
  • Breaking change: Updated Kubernetes dependencies to v1.18.2. (#2918)
  • Breaking change: Updated controller-runtime to v0.6.0. (#2918)
  • Updated controller-tools to v0.3.0. (#2918)
  • Updated helm to v3.2.0. (#2918)


  • Breaking change: The inotify-tools as a dependency of Ansible based-operator images which was deprecated and it will no longer scaffold the /bin/ao-logs which was using it to print the Ansible logs in the side-car since the side-car ansible container was removed in the previous versions. (#2852)
  • Breaking change: Removed automatic migration of helm releases from v2 to v3. (#2918)
  • Breaking change: Removed support for deprecated helm release naming scheme. (#2918)


  • Deprecate 'run --olm' mode. Use 'run packagemanifests' instead. (#3016)
  • Deprecate '--kubeconfig' flag on the 'cleanup' subcommand. Use 'run packagemanifests' instead. (#3067)
  • Deprecate 'run --local' mode. Use 'run local' instead. (#3067)

Bug Fixes

  • The Ansible Operator proxy will now return a 500 if it cannot determine whether a resource is virtual or not, instead of continuing on and skipping the cache. This will prevent resources that should have ownerReferences injected from being created without them, which would leave the user in a state that cannot be recovered without manual intervention. (#3112)
  • The Ansible Operator proxy no longer will attempt to cache non-status subresource requests. This will fix the issue where attempting to get Pod logs returns the API Pod resource instead of the log contents. (#3103)
  • Fix issue faced when the healthz endpoint is successfully called. (#3102)



  • Revert deprecation of the package manifests format. See #2755 for deprecation details. The package manifests format is still officially supported by the Operator Framework. (#2944, #3014, #3023)

Bug Fixes

  • Fixes issue where the helm.operator-sdk/upgrade-force annotation value for Helm based-operators is not parsed. (#2894)
  • In 'run --olm', package manifests format must be replicated in a pod's file system for consistent registry initialization. (#2964)
  • The internal OLM client retrieves existing OLM versions correctly now that the returned list of CSVs is indexed properly. (#2969)
  • Fixed issue to convert variables with numbers for Ansible based-operator. (#2842)
  • Added timeout to the Ansible based-operator proxy, which enables error reporting for requests that fail due to RBAC permissions issues to List and Watch the resources. (#2264)
  • CSV manifests read from disk are now properly marshaled into the CSV struct. (#3015)
  • Helm operator now applies its uninstall finalizer only when a release is deployed. This fixes a bug that caused the CR to be unable to be deleted without manually intervening to delete a prematurely added finalizer. (#3039)



  • Added support for generating kube-state-metrics metrics for cluster-scoped resources. Also added pkg/kubemetrics.NewNamespacedMetricsStores and pkg/kubemetrics.NewClusterScopedMetricsStores to support this new feature. (#2809)
  • Added the generate csv --deploy-dir --apis-dir --crd-dir flags to allow configuring input locations for operator manifests and API types directories to the CSV generator in lieu of a config. See the CLI reference doc or generate csv -h help text for more details. (#2511)
  • Added the generate csv --output-dir flag to allow configuring the output location for the catalog directory. (#2511)
  • The flag --watch-namespace and --operator-namespace was added to operator-sdk run --local, operator-sdk test --local and operator-sdk cleanup commands in order to replace the flag --namespace which was deprecated.(#2617)
  • The methods ctx.GetOperatorNamespace() and ctx.GetWatchNamespace() was added pkg/test in order to replace ctx.GetNamespace() which is deprecated. (#2617)
  • The --crd-version flag was added to the new, add api, add crd, and generate crds commands so that users can opt-in to v1 CRDs. (#2684)
  • The printout for the compatible Kubernetes Version #2446
  • The --output-dir flag instructs operator-sdk bundle create to write manifests and metadata to a non-default directory. (#2715)
  • The --overwrite flag instructs operator-sdk bundle create to overwrite metadata, manifests, and bundle.Dockerfile. (#2715)
  • operator-sdk bundle validate now accepts either an image tag or a directory arg. If the arg is a directory, its children must contain a manifests/ and a metadata/ directory. (#2737)
  • Add support to release SDK arm64 binaries and images. (#2742)
  • Add annotation helm.operator-sdk/upgrade-force: "True" to allow force resources replacement (helm upgrade --force) for Helm based-operators. (#2773)
  • The --make-manifests flag directs operator-sdk generate csv to create a manifests/ directory for the latest operator bundle, including CRDs. This flag is set by default. (#2776)
  • operator-sdk run --olm supports the new operator metadata format in metadata/annotations.yaml. (#2840)


  • The scorecard when creating a Custom Resource, will produce a message to the user if that CR already exists. (#2683)
  • Upgrade Kubernetes dependency versions from v1.16.2 to v1.17.4. (#2715)
  • Upgrade controller-runtime version from v0.4.0 to v0.5.2. (#2715)
  • Upgrade controller-tools version from v0.2.4 to v0.2.8. (#2715)
  • Upgrade helm version from v3.0.2 to v3.1.2. (#2715)
  • Upgrade prometheus-operator version from v0.34.0 to v0.38.0. (#2715)
  • Upgrade operator-registry version from v1.5.7to v1.6.2. (#2715)
  • Breaking Change: operator-sdk bundle create now creates a manifests/ directory under the parent directory of the argument passed to --directory, and setting --generate-only=true writes a Dockerfile to <project-root>/bundle.Dockerfile that copies bundle manifests from that manifests/ directory. (#2715)
  • Upgrade Kind used for tests for Ansible based-operators from 1.16 to 1.17. (#2753)
  • Breaking Change: Upgrade Molecule for Ansible-based operators from 2.22 to 3.0.2. For instructions on upgrading your project to use the V3 Molecule version see here. (#2749)
  • Breaking Change: Changed Conditions from map[ConditionType]Condition to []Condition. (#2739)
  • Setting operator-sdk generate csv --output-dir will search the output directory for bundles before searching the default location. (#2776)


  • Deprecated pkg/kubemetrics.NewMetricsStores. Use pkg/kubemetrics.NewNamespacedMetricsStores instead. (#2809)
  • Breaking Change: The --namespace flag from operator-sdk run --local, operator-sdk test --local and operator-sdk cleanup command was deprecated and will be removed in the future versions. Use --watch-namespace and --operator-namespace instead of. (#2617)
  • Breaking Change: The method ctx.GetNamespace() from the pkg/test is deprecated and will be removed in future versions. Use ctx.GetOperatorNamespace() and ctx.GetWatchNamespace() instead of. (#2617)
  • Breaking Change: package manifests are deprecated and new manifests are no longer generated; existing manifests are still updated by operator-sdk generate csv, but updates will not occur in future versions. Use operator-sdk bundle create to manage operator bundle metadata. (#2755)


  • Breaking Change: remove pkg/restmapper which was deprecated in v0.14.0. Projects that use this package must switch to the DynamicRESTMapper implementation in controller-runtime. (#2544)
  • Breaking Change: remove deprecated operator-sdk generate openapi subcommand. (#2740)
  • Breaking Change: Removed CSV configuration file support (defaulting to deploy/olm-catalog/csv-config.yaml) in favor of specifying inputs to the generator via generate csv --deploy-dir --apis-dir --crd-dir, and configuring output locations via generate csv --output-dir. (#2511)

Bug Fixes

  • The Ansible Operator proxy server now properly supports the Pod exec API (#2716)
  • Resources that use '-' in the APIGroup name can now be directly accessed by Ansible. (#2712)
  • Fixed issue in CSV generation that caused an incorrect path to be generated for descriptors on types that are fields in array elements. (#2721)
  • The test framework pkg/test no longer double-registers the --kubeconfig flag. Related bug: kubernetes-sigs/controller-runtime#878. (#2731)
  • The command operator-sdk generate k8s no longer requires users to explicitly set GOROOT in their environment. Now, GOROOT is detected using go env GOROOT and set automatically. (#2754)
  • operator-sdk generate csv and operator-sdk test local now parse multi-manifest files correctly. (#2758)
  • Fixed CRD validation generation issue with status.Conditions. (#2739)
  • Fix issue faced in the reconciliation when arrays are used in the config YAML files for Helm based-operators. (#2777)
  • Fixed issue in helm-operator where empty resource in release manifest caused failures while setting up watches for dependent resources. (#2831)



  • Add a new option to set the minimum log level that triggers stack trace generation in logs (--zap-stacktrace-level) (#2319)
  • Added pkg/status with several new types and interfaces that can be used in Status structs to simplify handling of status conditions. (#1143)
  • Added support for relative Ansible roles and playbooks paths in the Ansible-based operator watches files. (#2273)
  • Added watches file support for roles that were installed as Ansible collections. (#2587)
  • Add Prometheus metrics support to Ansible-based operators. (#2179)
  • On generate csv, populate a CSV manifest’s spec.icon, spec.keywords, and spec.mantainers fields with empty values to better inform users how to add data. (#2521)
  • Scaffold code in cmd/manager/main.go for Go operators and add logic to Ansible/Helm operators to handle multinamespace caching if WATCH_NAMESPACE contains multiple namespaces. (#2522)
  • Add a new flag option (--skip-cleanup-error) to the test framework to allow skip the function which will remove all artefacts when an error be faced to perform this operation. (#2512)
  • Add event stats output to the operator logs for Ansible based-operators. (2580)
  • Improve Ansible logs by allowing output the full Ansible result for Ansible based-operators configurable by environment variable. (2589)
  • Add the --max-workers flag to the commands operator-sdk exec-entrypoint and operator-sdk run --local for Helm based-operators with the purpose of controling the number of concurrent reconcile workers. (2607)
  • Add the --proxy-port flag to the operator-sdk scorecard command allowing users to override the default proxy port value (8889). (2634)
  • Add support for Metrics with MultiNamespace scenario. (#2603)
  • Add Prometheus metrics support to Helm-based operators. (#2603)
  • Add a new flag option --olm-namespace to operator-sdk run --olm, operator-sdk cleanup --olm and operator-sdk olm status command, which allows specifying the namespace in which OLM is installed. (#2613)


  • The base image now includes version 0.10.3 of the OpenShift Python client. This should fix hanging in Python3
  • The Kubernetes modules have migrated to the Kubernetes Ansible collection. All scaffolded code now references modules from this collection instead of Ansible Core. No immediate action is required for existing users of the modules from core, though it is recommended they switch to using the collection to continue to get non-critical bugfixes and features. To install the collection, users will need to add the install step to their build/Dockerfile. New projects will have a requirements.yml scaffolded that includes the community.kubernetes collection, as well as the corresponding install step in the build/Dockerfile. (#2646)
  • Breaking change The operator_sdk.util collection is no longer installed by default in the base image. Existing projects will need to install it in the build/Dockerfile. New projects will have a requirements.yml scaffolded that includes the operator_sdk.util collection, as well as the corresponding install step in the build/Dockerfile. (#2652)
  • Ansible scaffolding has been rewritten to be simpler and make use of newer features of Ansible and Molecule. (#2425)
    • No longer generates the build/test-framework directory or molecule/test-cluster scenario
    • Adds new cluster scenario that can be used to test against an existing cluster
    • There is no longer any Ansible templating done in the deploy/ directory, any templates used for testing will be located in molecule/templates/ instead.
    • The scaffolded molecule.yml files now use the Ansible verifier. All asserts.yml files were renamed to verify.yml to reflect this.
    • The prepare/converge/verify tasks now make use of the new k8s wait option to simplify the deployment logic.
  • Operator user setup and entrypoint scripts no longer insert dynamic runtime user entries into /etc/passwd. To use dynamic runtime users, use a container runtime that supports it (e.g. CRI-O). (#2469)
  • Changed the scorecard basic test, Writing into CRs has an effect, to include the http.MethodPatch as part of its test criteria alongside http.MethodPut and http.MethodPost. (#2509)
  • Changed the scorecard to use the init-timeout configuration setting as a wait time when performing cleanup instead of a hard-coded time. (#2597)
  • Upgrade the Helm dependency version from v3.0.1 to v3.0.2. (#2621)
  • Changed the scaffolded serveCRMetrics to use the namespaces informed in the environment variable WATCH_NAMESPACE in the MultiNamespace scenario. (#2603)
  • Improve skip metrics logs when running the operator locally in order to make clear the information for Helm based operators. (#2603)


  • The type name TestCtx in pkg/test has been deprecated and renamed to Context. It now exists only as a type alias to maintain backwards compatibility. Users of the e2e framework should migrate to use the new name, Context. The TestCtx alias will be removed in a future version. (2549)

  • The additional of the dependency inotify-tools on Ansible based-operator images. (#2586)

  • Breaking Change: The scorecard feature now only supports YAML config files. So, any config file with other extension is deprecated and should be changed for the YAML format. For further information see scorecard config file (#2591)


  • Breaking Change: The additional Ansible sidecar container. (#2586)

Bug Fixes

  • Fixed issue with Go dependencies caused by removed tag in openshift/api repository (#2466)
  • Fixed a regression in the operator-sdk run command that caused --local flags to be ignored (#2478)
  • Fix command operator-sdk run --local which was not working on Windows. (#2481)
  • Fix ServiceMonitor creation when the operator is cluster-scoped and the environment variable WATCH_NAMESPACE has a different value than the namespace where the operator is deployed. (#2601)
  • Fix error faced when the ansible.operator-sdk/verbosity annotation for Ansible based-operators is 0 or less. (#2651)
  • Fix missing error status when the error faced in the Ansible do not return an event status. (#2661)



  • Operator user setup and entrypoint scripts no longer insert dynamic runtime user entries into /etc/passwd. To use dynamic runtime users, use a container runtime that supports it (e.g. CRI-O). (#2469)

Bug Fixes

  • Fixed a regression in the operator-sdk run command that caused --local flags to be ignored (#2478)


Bug Fixes

  • Fixed issue with Go dependencies caused by removed tag in openshift/api repository (#2466)




  • Changed error wrapping according to Go version 1.13+ error handling. (#2355)
  • Added retry logic to the cleanup function from the e2e test framework in order to allow it to be achieved in the scenarios where temporary network issues are faced. (#2277)
  • Breaking Change: Moved olm-catalog gen-csv to the generate csv subcommand. (#2439)
  • Breaking Change: run ansible/helm are now the hidden commands exec-entrypoint ansible/helm. All functionality of each subcommand is the same. (#2441)
  • Breaking Change: up local is now run --local. All functionality of this command is the same. (#2441)
  • Breaking Change: Moved the olm subcommand from alpha to its own subcommand. All functionality of this command is the same. (#2447)



Bug Fixes

  • Fixed a regression in the helm-operator that caused all releases to be deployed in the same namespace that the operator was deployed in, regardless of which namespace the CR was created in. Now release resources are created in the same namespace as the CR. (#2414)
  • Fix issue when the test-framework would attempt to create a namespace exceeding 63 characters. pkg/test/NewCtx() now creates a unique id instead of using the test name. TestCtx.GetNamespace() uses this unique id to create a namespace that avoids this scenario. (#2335)


Bug Fixes

  • Fixed a regression in the helm-operator that caused all releases to be deployed in the same namespace that the operator was deployed in, regardless of which namespace the CR was created in. Now release resources are created in the same namespace as the CR. (#2414)



  • Added new --bundle flag to the operator-sdk scorecard command to support bundle validation testing using the validation API ( (#1916
  • Added new log field to the operator-sdk scorecard v1alpha2 output to support tests that produce logging. (#1916
  • Added new bundle validation test to the operator-sdk scorecard OLM tests. (#1916
  • Added scorecard test short names to each scorecard test to allow users to run a specific scorecard test using the selector flag. (#1916
  • Improve Ansible logs in the Operator container for Ansible-based Operators. (#2321)
  • Added support for override values with environment variable expansion in the watches.yaml file for Helm-based operators. (#2325)


  • Replace usage of with (#2309)
  • Upgraded Helm operator packages and base image from Helm v2 to Helm v3. Cluster state for pre-existing CRs using Helm v2-based operators will be automatically migrated to Helm v3's new release storage format, and existing releases may be upgraded due to changes in Helm v3's label injection. (#2080)
  • Fail operator-sdk olm-catalog gen-csv if it is not run from a project's root, which the command already assumes is the case. (#2322)
  • Breaking Change: Extract custom Ansible module k8s_status, which is now provided by the operator_sdk.util Ansible collection. See developer_guide for new usage. (#2310)
  • Upgrade minimal Ansible version in the init projects from 2.6 to 2.9 for collections support. (#2310)
  • Improve skip metrics logs when running the operator locally in order to make clear the information. (#2190)
  • Upgrade controller-tools version from v0.2.2 to v0.2.4. (#2368)


  • Deprecated in favor of the DynamicRESTMapper implementation in controller-runtime. (#2309)

Bug Fixes

  • Fix operator-sdk build's --image-build-args to support spaces within quotes like --label"First Last". (#2312)
  • Fix misleading Helm operator "release not found" errors during CR deletion. (#2359)
  • Fix Ansible based image in order to re-trigger reconcile when playbooks are runner with error. (#2375)



  • Support for vars in top level ansible watches. (#2147)
  • Support for "ansible.operator-sdk/verbosity" annotation on Custom Resources watched by Ansible based operators to override verbosity on an individual resource. (#2102)
  • Support for relative helm chart paths in the Helm operator's watches.yaml file. (#2287)
  • New operator-sdk generate crds subcommand, which generates CRDs from Go types. (#2276)
  • Go API code can now be annotated to populate a CSV's spec.customresourcedefinitions.owned field on invoking olm-catalog gen-csv. (#1162)


  • Upgrade minimal Ansible version in the init projects from 2.4 to 2.6. (#2107)
  • Upgrade Kubernetes version from kubernetes-1.15.4 to kubernetes-1.16.2. (#2145)
  • Upgrade Helm version from v2.15.0 to v2.16.1. (#2145)
  • Upgrade controller-runtime version from v0.3.0 to v0.4.0. (#2145)
  • Updated pkg/test/e2eutil.WaitForDeployment() and pkg/test/e2eutil.WaitForOperatorDeployment() to successfully complete waiting when the available replica count is at least (rather than exactly) the minimum replica count required. (#2248)
  • Replace in the Ansible based operators module tests k8s_info for k8s_facts which is deprecated. (#2168)
  • Upgrade the Ansible version from 2.8 to 2.9 on the Ansible based operators image. (#2168)
  • Updated CRD generation for non-Go operators to use valid structural schema. (#2275)
  • Replace Role verb "*" with list of verb strings in generated files so the Role is compatible with OpenShift and Kubernetes. (#2175)
  • Breaking change: An existing CSV's spec.customresourcedefinitions.owned is now always overwritten except for each name, version, and kind on invoking olm-catalog gen-csv when Go API code annotations are present. (#1162)
  • Ansible and Helm operator reconcilers use a cached client for reads instead of the default unstructured client. (#1047)


  • Deprecated the operator-sdk generate openapi command. CRD generation is still supported with operator-sdk generate crds. It is now recommended to use openapi-gen directly for OpenAPI code generation. The generate openapi subcommand will be removed in a future release. (#2276)

Bug Fixes

  • Fixed log formatting issue that occurred while loading the configuration for Ansible-based operators. (#2246)
  • Fix issue faced in the Ansible based operators when jmespath queries are used because it was not installed. (#2252)
  • Updates operator-sdk build for go operators to compile the operator binary based on Go's built-in GOARCH detection. This fixes an issue that caused an amd64 binary to be built into non-amd64 base images when using operator-sdk on non-amd64 architectures. (#2268)
  • Fix scorecard behavior such that a CSV file is read correctly when olm-deployed is set to true. (#2274)
  • A CSV config's operator-name field will be used if --operator-name is not set. (#2297)
  • Populates a CSV's spec.install strategy if either name or strategy body are missing with a deployment-type strategy. (#2298)
  • When the current leader pod has been hard evicted but not deleted, another pod is able to delete the evicted pod, triggering garbage collection and allowing leader election to continue. (#2210)



  • Added Operator Version: X.Y.Z information in the operator logs.(#1953)
  • Make Ansible verbosity configurable via the ansible-verbosity flag. (#2087)
  • Autogenerate CLI documentation via make cli-doc (#2099)


  • Breaking change: Changed required Go version from 1.12 to 1.13. This change applies to the SDK project itself and Go projects scaffolded by the SDK. Projects that import this version of the SDK require Go 1.13 to compile. (#1949)
  • Upgrade Kubernetes version from kubernetes-1.14.1 to kubernetes-1.15.4. (#2083)
  • Upgrade Helm version from v2.14.1 to v2.15.0. (#2083)
  • Upgrade controller-runtime version from v0.2.0 to v0.3.0. (#2083)
  • Upgrade controller-tools version from v0.2.1+git to v0.2.2. (#2083)


  • Removed --dep-manager flag and support for dep-based projects. Projects will be scaffolded to use Go modules. (#1949)

Bug Fixes

  • OLM internal manager is not returning errors in the initialization. (#1976)
  • Added missing default role permission for deployments, which is required to create the metrics service for the operator. (#2090)
  • Handle invalid maxArtifacts annotation on CRs for Ansible based operators. (2093)
  • When validating package manifests, only return an error if default channel is not set and more than one channel is available. (#2116)



  • Added support for event filtering for ansible operator. (#1968)
  • Added new --skip-generation flag to the operator-sdk add api command to support skipping generation of deepcopy and OpenAPI code and OpenAPI CRD specs. (#1890)
  • The operator-sdk olm-catalog gen-csv command now produces indented JSON for the alm-examples annotation. (#1793)
  • Added flag --dep-manager to command operator-sdk print-deps to specify the type of dependency manager file to print. The choice of dependency manager is inferred from top-level dependency manager files present if --dep-manager is not set. (#1819)
  • Ansible based operators now gather and serve metrics about each custom resource on port 8686 of the metrics service. (#1723)
  • Added the Go version, OS, and architecture to the output of operator-sdk version (#1863)
  • Added support for ppc64le-linux for the operator-sdk binary and the Helm operator base image. (#1533)
  • Added new --version flag to the operator-sdk scorecard command to support a new output format for the scorecard. (#1916
  • Added new --selector flag to the operator-sdk scorecard command to support filtering scorecard tests based on labels added to each test. (#1916
  • Added new --list flag to the operator-sdk scorecard command to support listing scorecard tests that would be executed based on selector filters. (#1916
  • For scorecard version v1alpha2 only, return code logic was added to return 1 if any of the selected scorecard tests fail. A return code of 0 is returned if all selected tests pass. (#1916


  • The Helm operator now uses the CR name for the release name for newly created CRs. Existing CRs will continue to use their existing UID-based release name. When a release name collision occurs (when CRs of different types share the same name), the second CR will fail to install with an error about a duplicate name. (#1818)
  • Commands olm uninstall and olm status no longer use a --version flag to specify OLM version. This information is now retrieved from the running cluster. (#1634)
  • The Helm operator no longer prints manifest diffs in the operator log at verbosity levels lower than INFO (#1857)
  • CRD manifest spec.version is still supported, but users will see a warning message if spec.versions is not present and an error if spec.versions is populated but the version in spec.version is not in spec.versions. (#1876)
  • Upgrade base image for Go, Helm, and scorecard proxy from to (#1952)
  • Upgrade base image for Ansible from to (#1990 and #2004)
  • Updated kube-state-metrics dependency from v1.6.0 to v1.7.2. (#1943)

Breaking changes

  • Upgrade Kubernetes version from kubernetes-1.13.4 to kubernetes-1.14.1 (#1876)
  • Upgrade version from b8a4faf68e36feb6d99a6aec623b405e587b17b1 to 0.10.1 (#1876)
  • Upgrade controller-runtime version from v0.1.12 to v0.2.0 (#1876)
    • The package is deprecated, and contains no code. Replace this import with where relevant.
    • The package is deprecated. Replace this import with where relevant.
    • The package is deprecated. Replace this import with where relevant.
    • All methods on (except for Get()) have been updated. Instead of each using a struct-typed or variadic functional option parameter, or having no option parameter, each now uses a variadic interface option parameter typed for each method. See List() below for an example.
    •'s List() method signature has been updated: List(ctx context.Context, opts *client.ListOptions, list runtime.Object) error is now List(ctx context.Context, list runtime.Object, opts ...client.ListOption) error. To migrate:
      import (
      // Old
      listOpts := &client.ListOptions{}
      err = r.client.List(context.TODO(), listOps, podList)
      // New
      listOpts := []client.ListOption{
      err = r.client.List(context.TODO(), podList, listOpts...)
  • pkg/test.FrameworkClient methods List() and Delete() have new signatures corresponding to the homonymous methods of (#1876)
  • CRD file names were previously of the form <group>_<version>_<kind>_crd.yaml. Now that CRD manifest spec.version is deprecated in favor of spec.versions, i.e. multiple versions can be specified in one CRD, CRD file names have the form <full group>_<resource>_crd.yaml. <full group> is the full group name of your CRD while <group> is the last subdomain of <full group>, ex. vs foo. <resource> is the plural lower-case CRD Kind found at spec.names.plural. (#1876)
  • Upgrade Python version from 2.7 to 3.6, Ansible version from 2.8.0 to ~=2.8 and ansible-runner from 1.2 to 1.3.4 in the Ansible based images. (#1947)
  • Made the default scorecard version v1alpha2 which is new for this release and could break users that were parsing the older scorecard output (v1alpha1). Users can still specify version v1alpha1 on the scorecard configuration to use the older style for some period of time until v1alpha1 is removed.
  • Replaced pkg/kube-metrics.NewCollectors() with pkg/kube-metrics.NewMetricsStores() and changed exported function signature for pkg/kube-metrics.ServeMetrics() due to a breaking change in kube-state-metrics. (#1943)



  • Removed flag --as-file from command operator-sdk print-deps, which now only prints packages and versions in dependency manager file format. The choice of dependency manager type is set by --dep-manager or inferred from top-level dependency manager files present if --dep-manager is not set. (#1819)

Bug Fixes

  • Configure the repo path correctly in operator-sdk add crd and prevent the command from running outside of an operator project. (#1660)
  • In the Helm operator, skip owner reference injection for cluster-scoped resources in release manifests. The Helm operator only supports namespace-scoped CRs, and namespaced resources cannot own cluster-scoped resources. (#1817)
  • Package manifests generated with gen-csv respect the --operator-name flag, channel names are checked for duplicates before (re-)generation. (#1693)
  • Generated inventory for Ansible-based Operators now sets the localhost's ansible_python_interpreter to {{ ansible_playbook_python }}, to properly match the implicit localhost. (#1952)
  • Fixed an issue in operator-sdk olm-catalog gen-csv where the generated CSV is missing the expected set of owned CRDs. (#2017)
  • The command operator-sdk olm-catalog gen-csv --csv-version=<version> --update-crds would fail to copy over CRD manifests into deploy/olm-catalog for manifests whose name didn't end with a _crd.yaml suffix. This has been fixed so gen-csv now copies all CRD manifests specified by deploy/olm-catalog/csv_config.yaml by checking the type of the manifest rather than the filename suffix. (#2015)
  • Added missing jmespath dependency to Ansible-based Operator .travis.yml file template. (#2027)
  • Fixed invalid usage of logr.Logger.Info() in the Ansible-based operator implementation, which caused unnecessary operator panics. (#2031)



  • Document new compile-time dependency mercurial in user-facing documentation. (#1683)
  • Adds new flag --zap-time-encoding to the flagset provided by pkg/log/zap. This flag configures the timestamp format produced by the zap logger. See the logging doc for more information. (#1529)


  • Breaking Change: New configuration format for the operator-sdk scorecard using config files. See doc/test-framework/scorecard for more info (#1641)
  • Breaking change: CSV config field role-path is now role-paths and takes a list of strings. Users can now specify multiple Role and ClusterRole manifests using role-paths. (#1704)
  • Make ready package idempotent. Now, a user can call Set() or Unset() to set the operator's readiness without knowing the current state. (#1761)

Bug Fixes

  • Check if metadata.annotations['alm-examples'] is non-empty before creating contained CR manifests in the scorecard. (#1789)



  • Adds support for building OCI images with podman, e.g. operator-sdk build --image-builder=podman. (#1488)
  • New option for operator-sdk up local --enable-delve, which can be used to start the operator in remote debug mode with the delve debugger listening on port 2345. (#1422)
  • Enables controller-runtime metrics in Helm operator projects. (#1482)
  • New flags --vendor and --skip-validation for operator-sdk new that direct the SDK to initialize a new project with a vendor/ directory, and without validating project dependencies. vendor/ is not written by default. (#1519)
  • Generating and serving info metrics about each custom resource. By default these metrics are exposed on port 8686. (#1277)
  • Scaffold a pkg/apis/<group>/group.go package file to avoid go/build errors when running Kubernetes code generators. (#1401)
  • Adds a new extra variable containing the unmodified CR spec for ansible based operators. #1563
  • New flag --repo for subcommands new and migrate specifies the repository path to be used in Go source files generated by the SDK. This flag can only be used with Go modules. (#1475)
  • Adds --go-build-args flag to operator-sdk build for providing additional Go build arguments. (#1582)
  • New flags --csv-channel and --default-channel for subcommand gen-csv that add channels to and update the package manifest in deploy/olm-catalog/<operator-name> when generating a new CSV or updating an existing one. (#1364)
  • Adds go.mod and go.sum to switch from dep to Go modules to manage dependencies for the SDK project itself. (#1566)
  • New flag --operator-name for operator-sdk olm-catalog gen-csv to specify the operator name, ex. memcached-operator, to use in CSV generation. The project's name is used (old behavior) if --operator-name is not set. (#1571)
  • New flag --local-operator-flags for operator-sdk test local --up-local to specify flags to run a local operator with during a test. (#1509)


  • Upgrade the version of the dependency controller-runtime from v0.1.10 to v0.1.12. (#1612)
  • Remove TypeMeta declaration from the implementation of the objects (#1462)
  • Relaxed API version format check when parsing pkg/apis in code generators. API dir structures can now be of the format pkg/apis/<group>/<anything>, where <anything> was previously required to be in the Kubernetes version format, ex. v1alpha1. (#1525)
  • The SDK and operator projects will work outside of $GOPATH/src when using Go modules. (#1475)
  • CreateMetricsService() function from the metrics package accepts a REST config (*rest.Config) and an array of ServicePort objects ([]v1.ServicePort) as input to create Service metrics. CRPortName constant is added to describe the string of custom resource port name. (#1560 and #1626)
  • Changed the flag --skip-git-init to --git-init. This changes the default behavior of operator-sdk new to not initialize the new project directory as a git repository with git init. This behavior is now opt-in with --git-init. (#1588)
  • operator-sdk new will no longer create the initial commit for a new project, even with --git-init=true. (#1588)
  • When errors occur setting up the Kubernetes client for RBAC role generation, operator-sdk new --type=helm now falls back to a default RBAC role instead of failing. (#1627)


  • The SDK no longer depends on a vendor/ directory to manage dependencies only if using Go modules. The SDK and operator projects will only use vendoring if using dep, or modules and a vendor/ dir is present. (#1519)
  • Breaking change: ExposeMetricsPort is removed and replaced with CreateMetricsService() function. PrometheusPortName constant is replaced with OperatorPortName. (#1560)
  • Removes Gopkg.toml and Gopkg.lock to drop the use of dep in favor of Go modules to manage dependencies for the SDK project itself. (#1566)


Bug Fixes

  • Fixes header file content validation when the content contains empty lines or centered text. (#1544)
  • Generated CSV's that include a deployment install strategy will be checked for a reference to metadata.annotations['olm.targetNamespaces'], and if one is not found a reference will be added to the WATCH_NAMESPACE env var for all containers in the deployment. This is a bug because any other value that references the CSV's namespace is incorrect. (#1396)
  • Build -trimpath was not being respected. $GOPATH was not expanding because exec.Cmd{} is not executed in a shell environment. (#1535)
  • Running the scorecard with --olm-deployed will now only use the first CR set in either the cr-manifest config option or the CSV's metadata.annotations['alm-examples'] as was intended, and access manifests correctly from the config. (#1565)
  • Use the correct domain names when generating CRD's instead that of the first CRD to be parsed. (#1636)


Bug Fixes

  • Fixes a regression that causes Helm RBAC generation to contain an empty custom ruleset when the chart's default manifest contains only namespaced resources. (#1456)
  • Fixes an issue that causes Helm RBAC generation to fail when creating new operators with a Kubernetes context configured to connect to an OpenShift cluster. (#1461)



  • New option for operator-sdk build --image-builder, which can be used to specify which image builder to use. Adds support for buildah. (#1311)
  • Manager is now configured with a new DynamicRESTMapper, which accounts for the fact that the default RESTMapper, which only checks resource types at startup, can't handle the case of first creating a CRD and then an instance of that CRD. (#1329)
  • Unify CLI debug logging under a global --verbose flag (#1361)
  • Go module support by default for new Go operators and during Ansible and Helm operator migration. The dependency manager used for a new operator can be explicitly specified for new operators through the --dep-manager flag, available in operator-sdk new and operator-sdk migrate. dep is still available through --dep-manager=dep. (#1001)
  • New optional flag --custom-api-import for operator-sdk add controller to specify that the new controller reconciles a built-in or external Kubernetes API, and what import path and identifier it should have. (#1344)
  • Operator Scorecard plugin support. Documentation for scorecard plugins can be found in the main scorecard doc. (#1379)


  • When Helm operator projects are created, the SDK now generates RBAC rules in deploy/role.yaml based on the chart's default manifest. (#1188)
  • When debug level is 3 or higher, we will set the klog verbosity to that level. (#1322)
  • Relaxed requirements for groups in new project API's. Groups passed to operator-sdk add api's --api-version flag can now have no subdomains, ex core/v1. See (#1191) for discussion. (#1313)
  • Renamed --docker-build-args option to --image-build-args option for build subcommand, because this option can now be shared with other image build tools than docker when --image-builder option is specified. (#1311)
  • Reduces Helm release information in CR status to only the release name and manifest and moves it from status.conditions to a new top-level deployedRelease field. (#1309)
    • WARNING: Users with active CRs and releases who are upgrading their helm-based operator should upgrade to one based on v0.7.0 before upgrading further. Helm operators based on v0.8.0+ will not seamlessly transition release state to the persistent backend, and will instead uninstall and reinstall all managed releases.
  • Go operator CRDs are overwritten when being regenerated by operator-sdk generate openapi. Users can now rely on +kubebuilder annotations in their API code, which provide access to most OpenAPIv3 validation properties (the full set will be supported in the near future, see this PR) and other CRD fields. (#1278)
  • Use base image for the Go and Helm operators and scorecard proxy (#1376)
  • Allow "Owned CRDs Have Resources Listed" scorecard test to pass if the resources section exists


  • The SDK will no longer run defaulter-gen on running operator-sdk generate k8s. Defaulting for CRDs should be handled with mutating admission webhooks. (#1288)
  • The --version flag was removed. Users should use the operator-sdk version command. (#1444)
  • Breaking Change: The test cluster subcommand and the corresponding --enable-tests flag for the build subcommand have been removed (#1414)
  • Breaking Change: The --cluster-scoped flag for operator-sdk new has been removed so it won't scaffold a cluster-scoped operator. Read the operator scope documentation on the changes needed to run a cluster-scoped operator. (#1434)

Bug Fixes


Bug Fixes

  • Pin dependency versions in Ansible build and test framework Dockerfiles to fix broken build and test framework images. (#1348)
  • In Helm-based operators, when a custom resource with a failing release is reverted back to a working state, the ReleaseFailed condition is now correctly removed. (#1321)




  • Updated the helm-operator to store release state in kubernetes secrets in the same namespace of the custom resource that defines the release. (#1102)
    • WARNING: Users with active CRs and releases who are upgrading their helm-based operator should not skip this version. Future versions will not seamlessly transition release state to the persistent backend, and will instead uninstall and reinstall all managed releases.
  • Change namespace-manifest flag in scorecard subcommand to namespaced-manifest to match other subcommands
  • Subcommands of operator-sdk generate are now verbose by default. (#1271)
  • operator-sdk olm-catalog gen-csv parses Custom Resource manifests from deploy/crds or a custom path specified in csv-config.yaml, encodes them in a JSON array, and sets the CSV's metadata.annotations.alm-examples field to that JSON. (#1116)

Bug Fixes

  • Fixed an issue that caused operator-sdk new --type=helm to fail for charts that have template files in nested template directories. (#1235)
  • Fix bug in the YAML scanner used by operator-sdk test and operator-sdk scorecard that could result in a panic if a manifest file started with --- (#1258)



  • New flags for operator-sdk new --type=helm, which can be used to populate the project with an existing chart. (#949)
  • Command operator-sdk olm-catalog flag --update-crds optionally copies CRD's from deploy/crds when creating a new CSV or updating an existing CSV, and --from-version uses another versioned CSV manifest as a base for a new CSV version. (#1016)
  • New flag --olm-deployed to direct the scorecard command to only use the CSV at --csv-path for manifest data, except for those provided to --cr-manifest. (#1044)
  • Command version prints the version of operator-sdk. (#1171)


  • Changed the Go, Helm, and Scorecard base images to (#1142)
  • CSV manifest are now versioned according to the operator-registry manifest format. See issue #900 for more details. (#1016)
  • Unexported CleanupNoT function from pkg/test, as it is only intended to be used internally (#1167)

Bug Fixes

  • Fix issue where running operator-sdk test local --up-local would sometimes leave a running process in the background after exit (#1089)



  • Updated the Kubernetes dependencies to 1.13.1 (#1020)
  • Updated the controller-runtime version to v0.1.10. See the controller-runtime v0.1.10 release notes for new features and bug fixes. (#1020)
  • By default the controller-runtime metrics are exposed on port 8383. This is done as part of the scaffold in the main.go file, the port can be adjusted by modifying the metricsPort variable. #786
  • A new command operator-sdk olm-catalog to be used as a parent for SDK subcommands generating code related to Operator Lifecycle Manager (OLM) Catalog integration, and subcommand operator-sdk olm-catalog gen-csv which generates a Cluster Service Version for an operator so the OLM can deploy the operator in a cluster. (#673)
  • Helm-based operators have leader election turned on by default. When upgrading, add environment variable POD_NAME to your operator's Deployment using the Kubernetes downward API. To see an example, run operator-sdk new --type=helm ... and see file deploy/operator.yaml. #1000
  • A new command operator-sdk generate openapi which generates OpenAPIv3 validation specs in Go and in CRD manifests as YAML. (#869)
  • The operator-sdk add api command now generates OpenAPIv3 validation specs in Go for that API, and in all CRD manifests as YAML.


  • In new Helm operator projects, the scaffolded CR spec field now contains the default values.yaml from the generated chart. (#967)



Bug Fixes


Bug Fixes

  • Make up local subcommand respect KUBECONFIG env var (#996)
  • Make up local subcommand use default namespace set in kubeconfig instead of hardcoded default and also add ability to watch all namespaces for ansible and helm type operators (#996)
  • Added k8s_status modules back to generation (#972)
  • Update checks for gvk registration to cover all cases for ansible (#973 & #1019)
  • Update reconciler for ansible and helm to use the cache rather than the API client. (#1022 & #1048 & #1054)
  • Update reconciler to will update the status everytime for ansible (#1066)
  • Update ansible proxy to recover dependent watches when pod is killed (#1067)
  • Update ansible proxy to handle watching cluster scoped dependent watches (#1031)



  • A new command operator-sdk migrate which adds a main.go source file and any associated source files for an operator that is not of the "go" type. (#887 and #897)
  • New commands operator-sdk run ansible and operator-sdk run helm which run the SDK as ansible and helm operator processes, respectively. These are intended to be used when running in a Pod inside a cluster. Developers wanting to run their operator locally should continue to use up local. (#887 and #897)
  • Ansible operator proxy added the cache handler which allows the get requests to use the operators cache. #760
  • Ansible operator proxy added ability to dynamically watch dependent resource that were created by ansible operator. #857
  • Ansible-based operators have leader election turned on by default. When upgrading, add environment variable POD_NAME to your operator's Deployment using the Kubernetes downward API. To see an example, run operator-sdk new --type=ansible ... and see file deploy/operator.yaml.
  • A new command operator-sdk scorecard which runs a series of generic tests on operators to ensure that an operator follows best practices. For more information, see the scorecard documentation


Bug Fixes

  • Fixes deadlocks during operator deployment rollouts, which were caused by operator pods requiring a leader election lock to become ready (#932)



  • Helm type operator generation support (#776)


  • The SDK's Kubernetes Golang dependency versions/revisions have been updated from v1.11.2 to v1.12.3. (#807)
  • The controller-runtime version has been updated from v0.1.4 to v0.1.8. See the v0.1.8 release notes for details.
  • The SDK now generates the CRD with the status subresource enabled by default. See the client doc on how to update the status subresource. (#787)



Bug Fixes


Bug Fixes

  • Pin controller-runtime version to v0.1.4 to fix dependency issues and pin ansible idna package to version 2.7 (#831)



  • The SDK now uses logr as the default logger to unify the logging output with the controller-runtime logs. Users can still use a logger of their own choice. See the logging doc on how the SDK initializes and uses logr.
  • Ansible Operator CR status better aligns with conventions. (#639)


  • A new command operator-sdk print-deps which prints Golang packages and versions expected by the current Operator SDK version. Supplying --as-file prints packages and versions in Gopkg.toml format. (#772)
  • Add cluster-scoped flag to operator-sdk new command (#747)
  • Add up-local flag to test local subcommand (#781)
  • Add no-setup flag to test local subcommand (#770)
  • Add image flag to test local subcommand (#768)
  • Ansible Operator log output includes much more information for troubleshooting ansible errors. (#713)
  • Ansible Operator periodic reconciliation can be disabled (#739)

Bug fixes

  • Make operator-sdk command work with composed GOPATH (#676)
  • Ansible Operator "--kubeconfig" command line option fixed (#705)


Bug fixes

  • Fix hardcoded CRD version in crd scaffold (#690)





  • Service account generation (#454)
  • Leader election (#530)
  • Incluster test support for test framework (#469)
  • Ansible type operator generation support (#486, #559)


  • Moved the rendering of deploy/operator.yaml to the operator-sdk new command instead of operator-sdk build



  • Added operator-sdk up command to help deploy an operator. Currently supports running an operator locally against an existing cluster e.g operator-sdk up local --kubeconfig=<path-to-kubeconfig> --namespace=<operator-namespace>. See operator-sdk up -h for help. #219 #274
  • Added initial default metrics to be captured and exposed by Prometheus. #323 exposes the metrics port and #349 adds the initial default metrics.
  • Added initial test framework for operators #377, #392, #393


  • All the modules in pkg/sdk have been combined into a single package. action, handler, informer types and query pkgs have been consolidated into pkg/sdk. #242
  • The SDK exposes the Kubernetes clientset via k8sclient.GetKubeClient() #295
  • The SDK now vendors the k8s code-generators for an operator instead of using the prebuilt image #319
  • The SDK exposes the Kubernetes rest config via k8sclient.GetKubeConfig() #338
  • Use time.Duration instead of int for sdk.Watch #427


  • The cache of available clients is being reset every minute for discovery of newely added resources to a cluster. #280