2024-08-21
API / Control Plane
Fixed
- Fixed minor bugs in self-service plan handling.
- Fixed a rare race condition in synchronizing JobRunnerGroups into the cluster.
Security
- Dependency updates.
2025-08-07
Operator v1.1.0
If your team uses DevMesh for traffic routing, action may be required to ensure continued compatibility. This operator version replaces the DevMesh sidecar with new a version which is incompatible with older operators with respect to Smart Test functionality. These sidecars are not updated during operator upgrade via Helm, but rather via Kubernetes Webhooks. The CLI version 1.1 adds a command signadot cluster devmesh analyze
which identifies old devmesh sidecars and can be used to restart workloads which will in turn cause the sidecars to be updated.
Added
- Sandboxes now support a new sandboxed workload type called a VirtualWorkload used to intercept traffic to a baseline without providing an alternate backing workload.
- A new central
traffic-manager
replaces thesandbox-traffic-manager
sidecars. - The Helm install now supports providing the cluster token in values (
--set agent.clusterToken
) - The Helm install now supports providing the name of the Secret used to hold the cluster token (
--set agent.tokenSecret
) - All operator workloads except the routeserver now allow for configuring the number of replicas with Helm values.
Changed
- When running with Istio enabled, we now skip instrumentation of HTTPRoutes which contain matches for OTel
baggage
ortracestate
headers or custom headers. Such HTTPRoutes are problematic to combine with our request routing. - Kubernetes Probes no longer pass through the sandbox traffic manager in sandboxes, rather they go directly to the main application.
Removed
- The sandbox-traffic-manager component has been removed, including the associated
sandboxTrafficManager
helm values section. - Istio deprecatedHostRouting is no longer supported and has been removed from Helm values.
Fixed
- When running with Istio enabled, modified VirtualServices now preserve the exact syntax of pre-existing HTTPRoutes.
Security
- Upgrade of dependent libraries.
CLI v1.1.0
Added
signadot cluster devmesh analyze
command docs here.- Automatic refresh of login credentials.
- Downward API is now included in the output to
signadot sandbox get-env
Fixed
- Non-overriden environment variables are now pulled correctly with
signadot sandbox get-env
. - The case of no file mounts now produces correct output with
signadot sandbox get-files
.
Security
- Updated libraries
2025-08-06
API / Control Plane
Added
- Resources that are part of sandboxes can now be updated.
Fixed
- Handling of Argo Rollouts with
workloadRef
now returns an error indicating they are unsupported.
Security
- Dependency and image updates.
Dashboard
Added
- Self-service upgrades and downgrades to the Business plan, including the ability to purchase addons.
Backstage Plugin v0.1
Added
-
Backstage plugin published at version 0.1 (plugin listing, source).
2025-07-15
Dashboard
Added
- API Keys now show last used timestamp for all new API keys.
Fixed
- Fix analytics page label filtering to allow "/" in label keys / values.
- Fix analytics page default rate range.
- Fix content security policy to show user avatar on Dashboard.
API / Control Plane
Security
- Security dependency fixes.
2025-07-02
CLI v1.0.0
Added
- Support for extracting Environment Variables, ConfigMaps, and Secrets from the cluster to configure local processes in the context of local sandboxes. See the documentation for details.
Changed
signadot auth login
now opens a browser automatically when possible instead of only echoing a URL.
Security
- Upgrade dependent libraries, fixing some security vulnerabilities.
Dashboard
Fixed
- Fixed issue with overview page being unable to play linked videos due to Content Security Policy.
- Fixed operator upgrade notification to correctly apply to the v1.x series.
- Fixed incorrect date range being applied when setting start / end dates under Analytics.
- Fixed issue with adding new clusters not showing the created cluster token and instructions.
2025-06-27
Operator v1.0.0
The Helm values configuration for the signadot-controller-manager has been moved from the .operator.
namespace to the .controllerManager.
namespace. This change affects all custom configurations for the controller manager component. Please refer to the "Changed" section below for detailed migration information.
Added
- Experimental support for Istio Ambient mode (documentation).
- Support for custom labels and annotations for Istio and Linkerd components.
- Support for turning off
signadot local
access via ControlPlaneProxy using a helm parameter.
Changed
-
The Helm values configuration for the signadot-controller-manager has been moved from
.operator.
to.controllerManager.
namespace for improved clarity. The following values are affected:Old Configuration New Configuration operator.image
controllerManager.image
opeator.imagePullPolicy
controllerManager.imagePullPolicy
operator.resources
controllerManager.resources
operator.replicas
controllerManager.replicas
You can find the new parameters in the Operator v1.0.0 README.
-
DevMesh sidecar now preserves the
x-request-id
header for requests originating from outside the mesh. -
Upgraded istio/client-go to v1.26.1 which adds support for "Direct Response" in VirtualServices.
Removed
- SignadotRoute CRD has been removed (unused since v0.14.0).
Fixed
- Fixed a race condition in the Job controller triggered by Kubernetes Pod migration across nodes.
- Fixed a race in the initialization of the webhook for replicas exceeding 1.
Security
- Upgrade of dependent libraries and compilers.
API / Control Plane
Fixed
- Fixed a control plane crash that occurred when the orphaned resources garbage collector encountered certain edge cases.
2025-06-13
API / Control Plane
Added
- Introduced an enhanced billing and usage tracking system. Existing organizations will be transitioned to the new platform.
Dashboard
Fixed
- Fixed navigation problems in Sandbox details page for logs associated with forks & resources.
2025-06-05
API / Control Plane
Security
- Dependency upgrades and security fixes.