Operator 4.2.17

Other Changes

• Implemented enhancement request #5344 to support enabling readOnlyRootFilesystem in the security context. When this attribute is enabled, the operator will update the temporary directory to within the mount path of an empty volume and adjust other settings to support this use case.
• Implemented support for automountServiceAccountToken.
• Added a pair of additional metrics to the operator's metrics endpoint to track the number of managed namespaces (wko_namespace_count) and the number of domains found in a given namespace (wko_domain_count).

Bug Fixes

• Resolved an issue where the operator and webhook would not consistently have sufficient privilege to list domain and cluster resources on more restrictive Kubernetes cluster environments.
• Updated container scripts to consistently trap SIGKILL and SIGTERM so that these scripts exit cleanly.
• Resolved an issue in the node manager script related to incorrectly using the LOG_HOME_LAYOUT setting.
• Updated the sidecar containers created for the monitoring exporter, Fluentd, and Fluentbit integrations to correctly use the configured container security context.
• Resolved an issue with the domain status observedGeneration was not correctly updated following a model-in-image online update.
• Improved the resiliency of the operator's periodic listing of namespaces to look for namespaces that should be managed and connected this to the liveness probe so that the operator will restart more consistently if the namespace listing is failing.
• Resolved an issue with configurations for the monitoring exporter that contain stringValues, such as involving server runtime states.

Full Changelog: v4.2.16...v4.2.17

Operator 4.2.16

Other Changes

• The default WebLogic Monitoring Exporter version is now 2.3.0. This version of the Monitoring Exporter, including the WAR file packaging, supports deploying on WebLogic versions supporting either the Java EE or Jakarta EE specifications.
• The operator now supports using WDT models encrypted using the WDT encrypt model command associated with initializeDomainOnPV use cases.

Bug Fixes

• The introspection job now correctly supports the configuration of init containers.
• The operator defines default pod-level and container-level values for securityContext; however, there was previously no way to suppress the container-level default if the customer specified their own pod-level values. Now, the operator will not apply the default container-level securityContext if the customer has specified a value for podSecurityContext.
• The schema conversion webhook will now correctly update the Domain and Cluster custom resource definitions (CRD's) in all cases when it has the required cluster permissions to do so and the Helm chart was not installed in dedicated mode.

Full Changelog: v4.2.15...v4.2.16

Operator 4.2.15

Bug Fixes

• Resolved an issue where the podSecurityContext configuration in serverPod was not correctly applied to the init-container that is associated with auxiliary image processing.

Full Changelog: v4.2.14...v4.2.15

Operator 4.2.14

Bug Fixes

• Resolved a set of related issues in the Helm chart that prevented successful installation on OpenShift environments. The first issue was that the Helm chart would attempt to list webhook deployments even when the operatorOnly=true value was set. The second issue was that the chart would not use the runAsUser value even if explicitly set.

Full Changelog: v4.2.13...v4.2.14

Operator 4.2.13

Other Changes

• The default WebLogic Monitoring Exporter version is now 2.2.2.
• Support has been significantly improved for customer use cases where a third-party organization or separate infrastructure team is responsible for managing the Kubernetes cluster and the team installing the operator has privilege only within a single namespace. The infrastructure team will be responsible for installing the CRD documents. The operator must be installed without including the webhook deployment. See Local namespace only with cluster role binding disabled for details and options.

Full Changelog: v4.2.12...v4.2.13

Operator 4.2.12

Bug Fixes

• Resolved an issue where the $DOMAIN_HOME/lib directory was not properly copied for auxiliary images

Full Changelog: v4.2.11...v4.2.12

Operator 4.2.11

Bug Fixes

• Resolved an issue where managed server rolling doesn't proceed because the readiness probe configuration has changed but where the new probe configuration isn't valid until after the instance is restarted.

Full Changelog: v4.2.10...v4.2.11

Operator 4.2.10

Bug Fixes

• Resolved an NPE related to FiberGate processing that could prevent the operator from initializing properly.

Full Changelog: v4.2.9...v4.2.10

Operator 4.2.9

Bug Fixes

• Resolved an issue where the operator did not recover from a prolonged outage of the Kubernetes control plane, such as during a Kubernetes version upgrade.

Full Changelog: v4.2.8...v4.2.9

Operator 4.2.8

Bug Fixes

• Resolved #5070 regarding the operator not properly honoring the pod and container security context defaults or configuration.

Full Changelog: v4.2.7...v4.2.8