elastic/cloud-on-k8s
### [`v2.8.0`](https://togithub.com/elastic/cloud-on-k8s/releases/tag/v2.8.0): 2.8.0
[Compare Source](https://togithub.com/elastic/cloud-on-k8s/compare/v2.7.0...v2.8.0)
### Elastic Cloud on Kubernetes 2.8.0
> **`Warning`** This release includes a hardened default security context for Elasticsearch containers. It is highly recommended to test against a staging environment before deploying to production.
- [Release highlights](https://www.elastic.co/guide/en/cloud-on-k8s/2.8/release-highlights-2.8.0.html)
- [Quickstart guide](https://www.elastic.co/guide/en/cloud-on-k8s/2.8/k8s-quickstart.html)
#### Breaking changes
- Use provided base path for stackconfigpolicy's snapshot repository [#6689](https://togithub.com/elastic/cloud-on-k8s/issues/6689) (issue: [#6692](https://togithub.com/elastic/cloud-on-k8s/issues/6692))
- APM Server: Fix secret token config for APM Server 8.0+ [#6769](https://togithub.com/elastic/cloud-on-k8s/issues/6769) (issue: [#6768](https://togithub.com/elastic/cloud-on-k8s/issues/6768))
#### New features
- Introduce the Logstash operator for ECK [#6732](https://togithub.com/elastic/cloud-on-k8s/issues/6732) (issue: [#1453](https://togithub.com/elastic/cloud-on-k8s/issues/1453))
#### Enhancements
##### Elasticsearch
- Call \_nodes/shutdown from pre-stop hook [#6544](https://togithub.com/elastic/cloud-on-k8s/issues/6544) (issue: [#6478](https://togithub.com/elastic/cloud-on-k8s/issues/6478))
- Create Elasticsearch client for observer only if needed [#6407](https://togithub.com/elastic/cloud-on-k8s/issues/6407) (issue: [#6090](https://togithub.com/elastic/cloud-on-k8s/issues/6090))
- Add the full CA certificate chain to trusted HTTP certs for Elasticsearch [#6681](https://togithub.com/elastic/cloud-on-k8s/issues/6681) (issue: [#6574](https://togithub.com/elastic/cloud-on-k8s/issues/6574))
- Allow custom certificates on the transport layer [#6727](https://togithub.com/elastic/cloud-on-k8s/issues/6727) (issue: [#6479](https://togithub.com/elastic/cloud-on-k8s/issues/6479))
- Hardened Security Context for Elasticsearch [#6703](https://togithub.com/elastic/cloud-on-k8s/issues/6703) (issue: [#6126](https://togithub.com/elastic/cloud-on-k8s/issues/6126))
##### Helm charts
- Enable hostNetwork support in eck-operator Helm chart [#6636](https://togithub.com/elastic/cloud-on-k8s/issues/6636)
- Add PodDisruptionBudget to eck-operator Helm chart [#6671](https://togithub.com/elastic/cloud-on-k8s/issues/6671)
##### ECK Operator
- Add operator flag to define webhook port [#6691](https://togithub.com/elastic/cloud-on-k8s/issues/6691) (issue: [#6655](https://togithub.com/elastic/cloud-on-k8s/issues/6655))
- Add operator flag to define global container repository [#6737](https://togithub.com/elastic/cloud-on-k8s/issues/6737) (issue: [#6643](https://togithub.com/elastic/cloud-on-k8s/issues/6643))
##### Fleet
- Deprecate is_default and is_default_fleet_server flags [#6724](https://togithub.com/elastic/cloud-on-k8s/issues/6724) (issue: [#6678](https://togithub.com/elastic/cloud-on-k8s/issues/6678))
#### Bug fixes
- Fix doc attributes in stack-helm-chart.asciidoc [#6742](https://togithub.com/elastic/cloud-on-k8s/issues/6742)
- Do not set FLEET_CA for well-known CAs [#6733](https://togithub.com/elastic/cloud-on-k8s/issues/6733) (issue: [#6673](https://togithub.com/elastic/cloud-on-k8s/issues/6673))
- Fix default `elasticsearch-data` volumeMount configuration [#6725](https://togithub.com/elastic/cloud-on-k8s/issues/6725) (issue: [#6186](https://togithub.com/elastic/cloud-on-k8s/issues/6186))
- Conditionally set container-suffix in ECK config [#6711](https://togithub.com/elastic/cloud-on-k8s/issues/6711) (issue: [#6695](https://togithub.com/elastic/cloud-on-k8s/issues/6695))
- \[helm-chart] Include webhook client configuration CA only when certificates are not managed by the operator or cert-manager [#6642](https://togithub.com/elastic/cloud-on-k8s/issues/6642) (issue: [#6641](https://togithub.com/elastic/cloud-on-k8s/issues/6641))
- Remove default for daemonset/deployment in eck-beats & eck-agent Helm Charts [#6621](https://togithub.com/elastic/cloud-on-k8s/issues/6621) (issue: [#6330](https://togithub.com/elastic/cloud-on-k8s/issues/6330))
#### Documentation improvements
- Documentation for running ECK, Elasticsearch, and Kibana on GKE Autopilot [#6760](https://togithub.com/elastic/cloud-on-k8s/issues/6760)
- Contributing page updated with Helm chart tests suite [#6744](https://togithub.com/elastic/cloud-on-k8s/issues/6744)
- Documentation for Logstash on ECK [#6743](https://togithub.com/elastic/cloud-on-k8s/issues/6743)
- Add 2.6 and 2.7 to the triggered restart list [#6786](https://togithub.com/elastic/cloud-on-k8s/issues/6786) (issue: [#6765](https://togithub.com/elastic/cloud-on-k8s/issues/6765))
#### Misc
- Bump github.com/docker/distribution from 2.8.1+incompatible to 2.8.2+incompatible [#6801](https://togithub.com/elastic/cloud-on-k8s/issues/6801)
- Bump google.golang.org/protobuf from 1.29.0 to 1.29.1 [#6549](https://togithub.com/elastic/cloud-on-k8s/issues/6549)
- Update docker.io/library/golang Docker tag to v1.20.4 [#6752](https://togithub.com/elastic/cloud-on-k8s/issues/6752)
- Update github.com/docker/docker [#6654](https://togithub.com/elastic/cloud-on-k8s/issues/6654)
- Update k8s to v0.26.3 [#6546](https://togithub.com/elastic/cloud-on-k8s/issues/6546)
- Update k8s.io/client-go to v0.26.5 [#6849](https://togithub.com/elastic/cloud-on-k8s/issues/6849)
- Update module cloud.google.com/go/storage to v1.30.0 [#6531](https://togithub.com/elastic/cloud-on-k8s/issues/6531)
- Update module github.com/go-git/go-git/v5 to v5.6.1 [#6536](https://togithub.com/elastic/cloud-on-k8s/issues/6536)
- Update module github.com/go-logr/logr to v1.2.4 [#6625](https://togithub.com/elastic/cloud-on-k8s/issues/6625)
- Update module github.com/google/go-containerregistry to v0.14.0 [#6532](https://togithub.com/elastic/cloud-on-k8s/issues/6532)
- Update module github.com/hashicorp/vault/api to v1.9.1 [#6707](https://togithub.com/elastic/cloud-on-k8s/issues/6707)
- Update module github.com/imdario/mergo to v0.3.15 [#6581](https://togithub.com/elastic/cloud-on-k8s/issues/6581)
- Update module github.com/operator-framework/operator-registry to v1.26.5 [#6622](https://togithub.com/elastic/cloud-on-k8s/issues/6622)
- Update module github.com/prometheus/client_golang to v1.15.0 [#6686](https://togithub.com/elastic/cloud-on-k8s/issues/6686)
- Update module github.com/spf13/cobra to v1.7.0 [#6647](https://togithub.com/elastic/cloud-on-k8s/issues/6647)
- Update module go.elastic.co/apm/module/apmelasticsearch/v2 to v2.3.0 [#6631](https://togithub.com/elastic/cloud-on-k8s/issues/6631)
- Update module go.elastic.co/apm/module/apmzap/v2 to v2.3.0 [#6633](https://togithub.com/elastic/cloud-on-k8s/issues/6633)
- Update module go.uber.org/automaxprocs to v1.5.2 [#6547](https://togithub.com/elastic/cloud-on-k8s/issues/6547)
- Update module golang.org/x/crypto to v0.8.0 [#6669](https://togithub.com/elastic/cloud-on-k8s/issues/6669)
- Update module golang.org/x/text to v0.9.0 [#6666](https://togithub.com/elastic/cloud-on-k8s/issues/6666)
- Update module google.golang.org/api to v0.115.0 [#6651](https://togithub.com/elastic/cloud-on-k8s/issues/6651)
- Update module sigs.k8s.io/controller-runtime to v0.14.6 [#6614](https://togithub.com/elastic/cloud-on-k8s/issues/6614)
- Update module sigs.k8s.io/controller-tools to v0.11.4 [#6718](https://togithub.com/elastic/cloud-on-k8s/issues/6718)
- Update modules go.elastic.co/apm/\* to v2.4.1 [#6739](https://togithub.com/elastic/cloud-on-k8s/issues/6739)
- Update registry.access.redhat.com/ubi8/ubi-minimal Docker tag to v8.7-1107 [#6646](https://togithub.com/elastic/cloud-on-k8s/issues/6646)
Configuration
📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).
🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.
♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.
🔕 Ignore: Close this PR and you won't be reminded about this update again.
[ ] If you want to rebase/retry this PR, check this box
This PR has been generated by Mend Renovate. View repository job log here.
This PR contains the following updates:
2.7.0
->2.8.0
Release Notes
elastic/cloud-on-k8s
### [`v2.8.0`](https://togithub.com/elastic/cloud-on-k8s/releases/tag/v2.8.0): 2.8.0 [Compare Source](https://togithub.com/elastic/cloud-on-k8s/compare/v2.7.0...v2.8.0) ### Elastic Cloud on Kubernetes 2.8.0 > **`Warning`** This release includes a hardened default security context for Elasticsearch containers. It is highly recommended to test against a staging environment before deploying to production. - [Release highlights](https://www.elastic.co/guide/en/cloud-on-k8s/2.8/release-highlights-2.8.0.html) - [Quickstart guide](https://www.elastic.co/guide/en/cloud-on-k8s/2.8/k8s-quickstart.html) #### Breaking changes - Use provided base path for stackconfigpolicy's snapshot repository [#6689](https://togithub.com/elastic/cloud-on-k8s/issues/6689) (issue: [#6692](https://togithub.com/elastic/cloud-on-k8s/issues/6692)) - APM Server: Fix secret token config for APM Server 8.0+ [#6769](https://togithub.com/elastic/cloud-on-k8s/issues/6769) (issue: [#6768](https://togithub.com/elastic/cloud-on-k8s/issues/6768)) #### New features - Introduce the Logstash operator for ECK [#6732](https://togithub.com/elastic/cloud-on-k8s/issues/6732) (issue: [#1453](https://togithub.com/elastic/cloud-on-k8s/issues/1453)) #### Enhancements ##### Elasticsearch - Call \_nodes/shutdown from pre-stop hook [#6544](https://togithub.com/elastic/cloud-on-k8s/issues/6544) (issue: [#6478](https://togithub.com/elastic/cloud-on-k8s/issues/6478)) - Create Elasticsearch client for observer only if needed [#6407](https://togithub.com/elastic/cloud-on-k8s/issues/6407) (issue: [#6090](https://togithub.com/elastic/cloud-on-k8s/issues/6090)) - Add the full CA certificate chain to trusted HTTP certs for Elasticsearch [#6681](https://togithub.com/elastic/cloud-on-k8s/issues/6681) (issue: [#6574](https://togithub.com/elastic/cloud-on-k8s/issues/6574)) - Allow custom certificates on the transport layer [#6727](https://togithub.com/elastic/cloud-on-k8s/issues/6727) (issue: [#6479](https://togithub.com/elastic/cloud-on-k8s/issues/6479)) - Hardened Security Context for Elasticsearch [#6703](https://togithub.com/elastic/cloud-on-k8s/issues/6703) (issue: [#6126](https://togithub.com/elastic/cloud-on-k8s/issues/6126)) ##### Helm charts - Enable hostNetwork support in eck-operator Helm chart [#6636](https://togithub.com/elastic/cloud-on-k8s/issues/6636) - Add PodDisruptionBudget to eck-operator Helm chart [#6671](https://togithub.com/elastic/cloud-on-k8s/issues/6671) ##### ECK Operator - Add operator flag to define webhook port [#6691](https://togithub.com/elastic/cloud-on-k8s/issues/6691) (issue: [#6655](https://togithub.com/elastic/cloud-on-k8s/issues/6655)) - Add operator flag to define global container repository [#6737](https://togithub.com/elastic/cloud-on-k8s/issues/6737) (issue: [#6643](https://togithub.com/elastic/cloud-on-k8s/issues/6643)) ##### Fleet - Deprecate is_default and is_default_fleet_server flags [#6724](https://togithub.com/elastic/cloud-on-k8s/issues/6724) (issue: [#6678](https://togithub.com/elastic/cloud-on-k8s/issues/6678)) #### Bug fixes - Fix doc attributes in stack-helm-chart.asciidoc [#6742](https://togithub.com/elastic/cloud-on-k8s/issues/6742) - Do not set FLEET_CA for well-known CAs [#6733](https://togithub.com/elastic/cloud-on-k8s/issues/6733) (issue: [#6673](https://togithub.com/elastic/cloud-on-k8s/issues/6673)) - Fix default `elasticsearch-data` volumeMount configuration [#6725](https://togithub.com/elastic/cloud-on-k8s/issues/6725) (issue: [#6186](https://togithub.com/elastic/cloud-on-k8s/issues/6186)) - Conditionally set container-suffix in ECK config [#6711](https://togithub.com/elastic/cloud-on-k8s/issues/6711) (issue: [#6695](https://togithub.com/elastic/cloud-on-k8s/issues/6695)) - \[helm-chart] Include webhook client configuration CA only when certificates are not managed by the operator or cert-manager [#6642](https://togithub.com/elastic/cloud-on-k8s/issues/6642) (issue: [#6641](https://togithub.com/elastic/cloud-on-k8s/issues/6641)) - Remove default for daemonset/deployment in eck-beats & eck-agent Helm Charts [#6621](https://togithub.com/elastic/cloud-on-k8s/issues/6621) (issue: [#6330](https://togithub.com/elastic/cloud-on-k8s/issues/6330)) #### Documentation improvements - Documentation for running ECK, Elasticsearch, and Kibana on GKE Autopilot [#6760](https://togithub.com/elastic/cloud-on-k8s/issues/6760) - Contributing page updated with Helm chart tests suite [#6744](https://togithub.com/elastic/cloud-on-k8s/issues/6744) - Documentation for Logstash on ECK [#6743](https://togithub.com/elastic/cloud-on-k8s/issues/6743) - Add 2.6 and 2.7 to the triggered restart list [#6786](https://togithub.com/elastic/cloud-on-k8s/issues/6786) (issue: [#6765](https://togithub.com/elastic/cloud-on-k8s/issues/6765)) #### Misc - Bump github.com/docker/distribution from 2.8.1+incompatible to 2.8.2+incompatible [#6801](https://togithub.com/elastic/cloud-on-k8s/issues/6801) - Bump google.golang.org/protobuf from 1.29.0 to 1.29.1 [#6549](https://togithub.com/elastic/cloud-on-k8s/issues/6549) - Update docker.io/library/golang Docker tag to v1.20.4 [#6752](https://togithub.com/elastic/cloud-on-k8s/issues/6752) - Update github.com/docker/docker [#6654](https://togithub.com/elastic/cloud-on-k8s/issues/6654) - Update k8s to v0.26.3 [#6546](https://togithub.com/elastic/cloud-on-k8s/issues/6546) - Update k8s.io/client-go to v0.26.5 [#6849](https://togithub.com/elastic/cloud-on-k8s/issues/6849) - Update module cloud.google.com/go/storage to v1.30.0 [#6531](https://togithub.com/elastic/cloud-on-k8s/issues/6531) - Update module github.com/go-git/go-git/v5 to v5.6.1 [#6536](https://togithub.com/elastic/cloud-on-k8s/issues/6536) - Update module github.com/go-logr/logr to v1.2.4 [#6625](https://togithub.com/elastic/cloud-on-k8s/issues/6625) - Update module github.com/google/go-containerregistry to v0.14.0 [#6532](https://togithub.com/elastic/cloud-on-k8s/issues/6532) - Update module github.com/hashicorp/vault/api to v1.9.1 [#6707](https://togithub.com/elastic/cloud-on-k8s/issues/6707) - Update module github.com/imdario/mergo to v0.3.15 [#6581](https://togithub.com/elastic/cloud-on-k8s/issues/6581) - Update module github.com/operator-framework/operator-registry to v1.26.5 [#6622](https://togithub.com/elastic/cloud-on-k8s/issues/6622) - Update module github.com/prometheus/client_golang to v1.15.0 [#6686](https://togithub.com/elastic/cloud-on-k8s/issues/6686) - Update module github.com/spf13/cobra to v1.7.0 [#6647](https://togithub.com/elastic/cloud-on-k8s/issues/6647) - Update module go.elastic.co/apm/module/apmelasticsearch/v2 to v2.3.0 [#6631](https://togithub.com/elastic/cloud-on-k8s/issues/6631) - Update module go.elastic.co/apm/module/apmzap/v2 to v2.3.0 [#6633](https://togithub.com/elastic/cloud-on-k8s/issues/6633) - Update module go.uber.org/automaxprocs to v1.5.2 [#6547](https://togithub.com/elastic/cloud-on-k8s/issues/6547) - Update module golang.org/x/crypto to v0.8.0 [#6669](https://togithub.com/elastic/cloud-on-k8s/issues/6669) - Update module golang.org/x/text to v0.9.0 [#6666](https://togithub.com/elastic/cloud-on-k8s/issues/6666) - Update module google.golang.org/api to v0.115.0 [#6651](https://togithub.com/elastic/cloud-on-k8s/issues/6651) - Update module sigs.k8s.io/controller-runtime to v0.14.6 [#6614](https://togithub.com/elastic/cloud-on-k8s/issues/6614) - Update module sigs.k8s.io/controller-tools to v0.11.4 [#6718](https://togithub.com/elastic/cloud-on-k8s/issues/6718) - Update modules go.elastic.co/apm/\* to v2.4.1 [#6739](https://togithub.com/elastic/cloud-on-k8s/issues/6739) - Update registry.access.redhat.com/ubi8/ubi-minimal Docker tag to v8.7-1107 [#6646](https://togithub.com/elastic/cloud-on-k8s/issues/6646)Configuration
📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).
🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.
♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.
🔕 Ignore: Close this PR and you won't be reminded about this update again.
This PR has been generated by Mend Renovate. View repository job log here.