majinghe
a58692f550
fix(heal): bind service account to sts and deployment ( #3513 )
2026-06-17 18:36:24 +08:00
Henry Guo
0d16a86d9a
docs(scanner): add benchmark runbook ( #3412 )
...
Co-authored-by: Henry Guo <marshawcoco@users.noreply.github.com >
2026-06-13 22:39:13 +08:00
Henry Guo
7191a3abae
docs(scanner): document runtime scanner controls ( #3339 )
...
* docs(scanner): document runtime scanner controls
* docs(scanner): split English and Chinese README
---------
Co-authored-by: Henry Guo <marshawcoco@users.noreply.github.com >
Co-authored-by: majinghe <42570491+majinghe@users.noreply.github.com >
2026-06-11 12:04:34 +08:00
houseme
68400933b5
chore(release): prepare 1.0.0-beta.8 ( #3317 )
...
* chore(release): prepare 1.0.0-beta.8
* chore(release): align release assets for 1.0.0-beta.8
2026-06-10 04:34:39 +00:00
Julien Pervillé
992de65c58
feat(helm): add priorityClassName attribute ( #3301 )
...
Co-authored-by: houseme <housemecn@gmail.com >
2026-06-09 22:07:41 +08:00
Michael
2fc1cf90e0
feat(helm): add option to disable log PVCs and mounts ( #3189 )
...
Co-authored-by: cxymds <Cxymds@qq.com >
2026-06-08 10:35:12 +00:00
Michael
45e3c01857
feat(helm): add topology spread constraints configuration to StatefulSet ( #3187 )
...
Co-authored-by: houseme <housemecn@gmail.com >
2026-06-04 03:20:51 +00:00
houseme
66b8699927
chore(release): prepare 1.0.0-beta.7 ( #3184 )
...
* chore(release): prepare 1.0.0-beta.7
* chore(release): align release assets for 1.0.0-beta.7
2026-06-03 04:18:50 +00:00
Michael
054523695f
fix(helm): add apiVersion and kind to PersistentVolumeClaim metadata ( #3170 )
2026-06-03 09:27:43 +08:00
CptOfEvilMinions
e91e513ab3
feat: Helm chart support extra volumes ( #2982 )
2026-06-01 16:52:35 +08:00
houseme
28bac7fbd6
chore(release): prepare 1.0.0-beta.6 ( #3104 )
...
* chore(release): prepare 1.0.0-beta.6
* ci(nix): harden flaky crate fetch handling
* ci(nix): drop magic cache and force fallback
* ci(nix): set explicit user-agent for crate fetch
* ci(nix): adopt determinate nix workflow stack
* ci(nix): add nix user-agent suffix for fetches
* ci(nix): add flakehub cache and align determinate actions
* ci(nix): pin determinate actions to release tags
* ci(nix): disable flakehub auth path in CI cache
* ci(nix): restore stable magic cache baseline
* ci(nix): trust local magic cache substituter
* ci(nix): stop forcing Node24 for JS actions
* ci(nix): drop manual localhost cache config
* ci(nix): adopt latest determinate flakehub stack
* ci(nix): record latest determinate workflow state
2026-05-28 09:21:16 +00:00
Derek Ditch
11e97951fd
fix(helm): add LoadBalancer service type support ( #3049 )
...
The service template only handled ClusterIP and NodePort via if/else-if
branches. When service.type=LoadBalancer was set, no branch matched and
the type field was omitted from the rendered Service, causing Kubernetes
to silently default to ClusterIP.
Add the missing LoadBalancer branch with support for:
- loadBalancerIP: request a specific IP (e.g. Cilium LB-IPAM, MetalLB)
- loadBalancerClass: select a specific LB implementation
- loadBalancerSourceRanges: restrict client source IPs
This is particularly useful for bare-metal / on-prem clusters using
software load balancers (Cilium LB-IPAM, MetalLB, kube-vip) where
a stable routable IP is preferable to an Ingress for S3 clients.
Co-authored-by: Claude Sonnet 4.6 <noreply@anthropic.com >
Co-authored-by: houseme <housemecn@gmail.com >
Co-authored-by: 安正超 <anzhengchao@gmail.com >
Co-authored-by: cxymds <Cxymds@qq.com >
Co-authored-by: majinghe <42570491+majinghe@users.noreply.github.com >
2026-05-27 14:35:09 +00:00
houseme
6264be437c
fix(storage): add scoped timeout policy and startup fs guardrail ( #3056 )
...
* fix(storage): add RUSTFS_NETWORK_MOUNT_MODE for CIFS/NFS backends
* style: fix cargo fmt formatting in disk_store.rs
* fix(storage): add RUSTFS_NETWORK_MOUNT_MODE for CIFS/NFS backends
Extend the TimeoutHealthAction introduced in #2996 to read_metadata,
list_dir, and disk_info operations when RUSTFS_NETWORK_MOUNT_MODE=true.
Also raises all drive operation timeouts to 60s (explicit per-operation
overrides still take precedence).
Closes #2790
* feat(startup): add unsupported filesystem policy guardrail
* chore(deps): refresh lockfile and dependency pins
* feat(ecstore): add scoped timeout health-action policy
* docs(config): document drive timeout health-action policy
* refactor(ecstore): cache timeout health policy per disk wrapper
* fix(storage): add RUSTFS_NETWORK_MOUNT_MODE for CIFS/NFS backends (#2838 )
* fix(storage): add RUSTFS_NETWORK_MOUNT_MODE for CIFS/NFS backends
* style: fix cargo fmt formatting in disk_store.rs
* fix(storage): add RUSTFS_NETWORK_MOUNT_MODE for CIFS/NFS backends
Extend the TimeoutHealthAction introduced in #2996 to read_metadata,
list_dir, and disk_info operations when RUSTFS_NETWORK_MOUNT_MODE=true.
Also raises all drive operation timeouts to 60s (explicit per-operation
overrides still take precedence).
Closes #2790
* fix(utils): map verified Linux filesystem magic values (#3051 )
* fix(utils): cover sha256 checksum validation (#3052 )
* fix(utils): cover sha256 checksum validation
* docs: clarify sha256 checksum validation
---------
Co-authored-by: houseme <housemecn@gmail.com >
Co-authored-by: 安正超 <anzhengchao@gmail.com >
* refactor(config): replace network mount mode with timeout profile preset
* fix(review): align fallback defaults and extend fs-type detection
* fix(review): cache timeout profile and restore probe timeout semantics
* refactor(ecstore): cache timeout health policy lookup
* perf(ecstore): cache active probe timeout per monitor task
---------
Co-authored-by: mistik <mistiklord4@gmail.com >
Co-authored-by: 安正超 <anzhengchao@gmail.com >
2026-05-22 06:37:30 +00:00
houseme
b2dfdf85de
chore(release): prepare 1.0.0-beta.4 ( #3032 )
...
* chore(release): prepare 1.0.0-beta.4
* docs(skill): refine rustfs spec changelog rule
* docs(skill): optimize rustfs release bump workflow
2026-05-20 13:56:43 +00:00
houseme
bdb98598d2
chore(release): prepare 1.0.0-beta.3 ( #2957 )
2026-05-14 04:27:26 +00:00
Michael Graff
3898d524fe
security: same-origin console CORS, fail-closed helm creds, deny.toml, sample-config hardening ( #2769 )
...
Signed-off-by: Michael Graff <explorer@flame.org >
Signed-off-by: 安正超 <anzhengchao@gmail.com >
Co-authored-by: 安正超 <anzhengchao@gmail.com >
Co-authored-by: loverustfs <hello@rustfs.com >
2026-05-06 07:34:44 +00:00
Duru Can Celasun
718bec7722
feat(helm-chart): support scale to 0 in standalone mode ( #2797 )
...
Signed-off-by: Duru Can Celasun <can@dcc.im >
Co-authored-by: 安正超 <anzhengchao@gmail.com >
Co-authored-by: cxymds <Cxymds@qq.com >
2026-05-06 06:42:56 +00:00
majinghe
e331a26262
feat: helm chart version update ( #2738 )
2026-04-29 11:14:35 +00:00
majinghe
7041e628b7
fix: docker image build and helm chart publish error caused by versio… ( #2731 )
2026-04-29 03:23:47 +00:00
majinghe
d447da75c1
chore: update version from alpha to beta ( #2720 )
...
Co-authored-by: houseme <housemecn@gmail.com >
2026-04-28 23:08:10 +00:00
Rafael Peroco
2c9524e2c9
fix(helm): only render rollingUpdate when strategy type is RollingUpdate ( #2728 )
2026-04-28 23:06:31 +00:00
houseme
c4d5c5c5ec
fix(obs): disable profiling export by default and fix Helm env name ( #2719 )
2026-04-28 11:57:15 +00:00
majinghe
41d2812861
feat: add support for external/existing certificate issuer ( #2631 )
2026-04-21 07:21:43 +00:00
houseme
9677320f23
fix(scanner): stabilize data usage cache persistence under slow metadata I/O ( #2594 )
2026-04-18 16:36:28 +00:00
majinghe
6b4172998b
fix(helm): disable kms default ( #2566 )
...
Co-authored-by: houseme <housemecn@gmail.com >
2026-04-16 11:51:44 +00:00
majinghe
af93d2daba
fix: update mtls configuration for standalone and distributed mode ( #2565 )
2026-04-16 09:26:36 +00:00
majinghe
4615791193
add kms environment variables support in helm chart ( #2552 )
...
Co-authored-by: loverustfs <hello@rustfs.com >
Co-authored-by: houseme <housemecn@gmail.com >
2026-04-16 02:43:54 +00:00
Strangerxxx
73e6542eea
feat(helm): add generic service and ingress annotation support ( #2541 )
...
Co-authored-by: cxymds <Cxymds@qq.com >
Co-authored-by: houseme <housemecn@gmail.com >
2026-04-15 10:16:10 +00:00
majinghe
8152c8e084
fix: add different annotations for different pvc ( #2547 )
2026-04-15 15:21:38 +08:00
majinghe
6963b898ee
feat: add support for pvc customized annotations ( #2412 )
2026-04-07 13:34:49 +08:00
majinghe
751bc3d737
fix: move ec configuration from configmap to extraEnv ( #2408 )
2026-04-07 11:00:21 +08:00
majinghe
d56e839f20
feat: add extra env support for helm chart ( #2340 )
2026-03-30 22:03:36 +08:00
majinghe
172086ff42
fix: change the condition for httproute ( #2345 )
...
Co-authored-by: houseme <housemecn@gmail.com >
2026-03-30 22:03:01 +08:00
majinghe
14e4d94666
add ec environment variables in helm chart ( #2290 )
...
Co-authored-by: houseme <housemecn@gmail.com >
2026-03-27 09:40:30 +08:00
Peter Olds
ca62b0c163
fix(Helm): Remove duplicate imagePullSecrets block ( #2260 )
...
Co-authored-by: houseme <housemecn@gmail.com >
Co-authored-by: cxymds <Cxymds@qq.com >
2026-03-24 09:54:33 +08:00
安正超
2ad275ecc3
fix(helm): quote obs stdout configmap value ( #2166 )
...
Co-authored-by: houseme <housemecn@gmail.com >
Co-authored-by: 马登山 <Cxymds@qq.com >
2026-03-15 10:11:25 +08:00
Philip Schmid
9179fd5608
fix(helm): merge customAnnotations with class-specific ingress annotations ( #2161 )
...
Signed-off-by: Philip Schmid <philip.schmid@protonmail.com >
Co-authored-by: houseme <housemecn@gmail.com >
2026-03-15 09:22:12 +08:00
majinghe
afcaaf66fc
feat: add support for obs enpoint support in helm chart ( #2160 )
2026-03-14 21:44:44 +08:00
安正超
e2f741d41f
fix(helm): use canonical scanner start delay env ( #2142 )
2026-03-12 10:06:42 +08:00
安正超
b2e8078971
fix(policy): avoid unicode panic in variable resolver ( #2115 )
2026-03-11 21:56:32 +08:00
majinghe
67e5f5e3c3
feat: add metrics support in helm chart ( #2109 )
...
Signed-off-by: houseme <housemecn@gmail.com >
Co-authored-by: houseme <housemecn@gmail.com >
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com >
2026-03-10 12:08:36 +08:00
Smig
d13c423d50
Bump Helm Chart version to 0.0.83 and appVersion to 1.0.0-alpha.83 ( #2019 )
...
Signed-off-by: Smig <89040888+smiggiddy@users.noreply.github.com >
Co-authored-by: houseme <housemecn@gmail.com >
2026-03-01 13:15:50 +08:00
majinghe
52090d72d6
fix: add liveness and readiness probe ( #1953 )
2026-02-25 15:43:46 +08:00
mkrueger92
3b024a9dc5
rustfs#1916 Allow existing secrets to be used for tls certs in ingress ( #1918 )
...
Signed-off-by: mkrueger92 <7305571+mkrueger92@users.noreply.github.com >
Co-authored-by: houseme <housemecn@gmail.com >
2026-02-24 20:34:08 +08:00
Burak Bozacı
db70a2bed0
Feature/deployment probe override ( #1876 )
...
Co-authored-by: capitansec <capitansec@gmail.com >
Co-authored-by: houseme <housemecn@gmail.com >
2026-02-20 16:19:51 +08:00
Rohmilchkaese
3f4cb6883e
fix(helm): apply traefikAnnotations and gate TLS secret on certManager.enabled ( #1864 )
...
Co-authored-by: houseme <housemecn@gmail.com >
2026-02-18 18:59:41 +08:00
majinghe
da15d622a0
fix: gateway api listener name hardcode issue ( #1834 )
...
Co-authored-by: houseme <housemecn@gmail.com >
2026-02-15 16:01:40 +08:00
majinghe
2d4d240508
feat: add existing pvc claim for standalone ( #1829 )
...
Co-authored-by: houseme <housemecn@gmail.com >
Co-authored-by: loverustfs <hello@rustfs.com >
2026-02-15 15:49:37 +08:00
realyashnegi
715cf33b89
fix(admin): return 503 when health deps are not ready ( #1824 )
2026-02-15 10:26:47 +08:00
shadow1runner
8e1fcd4792
fix(helm): add {{ .Release.Namespace }} for kustomize v5.8 compat, closes #1808 ( #1809 )
...
Co-authored-by: Helmut Wolf <3902045+shadow1runner@users.noreply.github.com >
Co-authored-by: loverustfs <hello@rustfs.com >
2026-02-14 10:25:13 +08:00