redpanda-data · RafalKorepta · Jun 20, 2025 · Jun 19, 2025
@@ -147,7 +147,7 @@ tasks:
     - ./.changes/**/*.md
     - ./.changes/**/*.yaml
     cmds:
-    - changie merge -u '## Unreleased' # Ensure CHANGELOG.mds are up to date.
+    - changie merge # Ensure CHANGELOG.mds are up to date.
 
   build:
     cmds:

@@ -5,13 +5,6 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/)
 and is generated by [Changie](https://github.com/miniscruff/changie).
 
 
-## Unreleased
-### Changed
-* `values.schema.json` is now "closed" (`additionalProperties: false`)
-
-  Any unexpected values will result in a validation error,previously they would
-  have been ignored.
-
 ### [0.1.14](https://github.com/redpanda-data/helm-charts/releases/tag/connectors-0.1.14) - 2024-11-20
 #### Added
 * Enabled flag that would be only used by Redpanda chart when partial values will be embedded into Redpanda values struct

@@ -5,137 +5,6 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/)
 and is generated by [Changie](https://github.com/miniscruff/changie).
 
 
-## Unreleased
-### Added
-* Added a chart wide `podTemplate` field which may be used to control Pod attributes chart wide.
-
-  This field has a lower precedence than `statefulset.podTemplate` and
-  `post_install_job.podTemplate` but will still be merged with them.
-* `podTemplate`, `statefulset.podTemplate`, and `post_install_job.podTemplate` may now contain template expressions **with in string fields**
-
-  To compensate for some of the functionality that was lost with the removal of
-  fields like `extraVolumes`, we've upgraded `podTemplate` fields to support
-  templating. Rather than allowing full control over a structured value, we've
-  reduced the scope to only string fields. This is significantly more
-  maintainable and less error prone.
-
-  As an example, the below snippet will apply the release name as an annotation
-  to all Pods created by the chart.
-
-  ```yaml
-  podTemplate:
-    annotations:
-      "keys-cannot-be-templated": '{{ .Release.Name }}' # But values can!
-  ```
-
-  See `values.yaml` for additional examples.
-* statefulset.initContainers.configurator.additionalCLIArgs is added to the helm values, to enable the init container to construct an external secret evaluator.
-
-In the v2 operator, this value is defaulted from the operator's settings.
-### Changed
-* Promoted the config-watcher sidecar into a real go binary that handles user management and simplifies cluster health checks so they no longer fail when the sole issue is that other nodes in the cluster are unavailable. Additionally the new sidecar subsumes the behavior of the `statefulset.sideCars.controllers` stanza which should now be specified via their own `enabled` flags.
-* `clusterDomain` now defaults to `cluster.local.` (A trialing `.` has been added) and the chart no longer adds trailing `.`'s to internal domains.
-
-  For users not experiencing issues with trailing `.`'s this change has no
-  effect. For users that have had issues with trailing `.`'s, it's now possible
-  to opt-out of this behavior by explicitly setting `clusterDomain` to `cluster.local`.
-
-  For users that override `clusterDomain`, copied a previous releases
-  values.yaml, or use the `--reuse-values` flag, trailing `.`'s will be tripped
-  from domains upon updating. This behavior may be opted into by appending a
-  `.` to `clusterDomain` prior to upgrading.
-* Bump AppVersion to v24.3.6 Redpanda release
-* Bump Redpanda operator side car container tag to `v2.3.7-24.3.6`.
-* `values.schema.json` is now "closed" (`additionalProperties: false`)
-
-  Any unexpected values will result in a validation error,previously they would
-  have been ignored.
-* Update Console depedency to latest version with breaking change. Please visit Console change-log.
-* The name of the container running redpanda is now always set to `redpanda`.
-* bumped `appVersion` to [v25.1.1](https://github.com/redpanda-data/redpanda/releases/tag/v25.1.1).
-* `serviceAccount.create` now defaults to `true`.
-
-  The previous behavior resulted in using the `default` service account and
-  extending it with all bindings generated from the chart. Such behavior is
-  unlikely to be desired.
-* `rpk debug bundle --namespace $NAMESPACE` now works by default.
-
-  The chart now creates a set of `Roles` and `RoleBindings` that satisfy the
-  requirements of running `rpk debug bundle` from any redpanda Pod. These
-  permissions may be disabled by specifying `rbac.rpkDebugBundle=false`.
-
-  Additionally, the redpanda container now always has a Kubernetes
-  ServiceAccount token mounted to it to ensure `rpk debug bundle` can be
-  executed successfully.
-* Update Console depedency to latest version `v3.1.0`. Please visit Console change-log.
-### Deprecated
-* `.statefulset.sidecars.controllers.image` is now deprecated. It may be specified but will not be respected. Use `.statefulset.sidecars.image` instead.
-### Removed
-* Connectors sub-chart integration.
-
-  The connectors chart may still be deployed separately, though it is not
-  officially support. If possible, it is recommended to migrate to redpanda
-  connect.
-* Removed the deprecated fields `license_key` and `license_secret_ref` in favor
-of `enterprise.license` and `enterprise.licenseSecretRef`, respectively.
-* `statefulset.securityContext`, `statefulset.sideCars.configWatcher.securityContext` have been removed.
-
-  These fields previously served as both PodSecurityContext and SecurityContext
-  across the entire chart which led to confusing semantics that couldn't be
-  fixed without breaking backwards compatiblity.
-
-  The top level `podTemplate` field may be used to control
-  PodSecurityContexts and SecurityContexts across the chart.
-* Fields that would be better served through `podTemplate` have been removed in favor of using `podTemplate`.
-
-  Removed fields:
-  - `nodeSelector` -> `podTemplate.spec.nodeSelector`
-  - `affinity` -> `podTemplate.spec.affinity`
-  - `tolerations` -> `podTemplate.spec.tolerations`
-  - `imagePullSecrets` -> `podTemplate.spec.imagePullSecrets`
-  - `statefulset.annotations` -> `statefulset.podTemplate.annotations`
-  - `statefulset.startupProbe` -> `statefulset.podTemplate.spec.containers[0].startupProbe`
-  - `statefulset.livenessProbe` -> `statefulset.podTemplate.spec.containers[0].livenessProbe`
-  - `statefulset.readinessProbe` -> `statefulset.podTemplate.spec.containers[1].readinessProbe`
-  - `statefulset.podAffinity` -> `statefulset.podTemplate.spec.affinity.podAffinity`
-  - `statefulset.nodeSelector` -> `statefulset.podTemplate.spec.nodeSelector`
-  - `statefulset.priorityClassName` -> `statefulset.podTemplate.spec.priorityClassName`
-  - `statefulset.tolerations` -> `statefulset.podTemplate.spec.tolerations`
-  - `statefulset.topologySpreadConstraints` -> `statefulset.podTemplate.spec.topologySpreadConstraints`
-  - `statefulset.terminationGracePeriodSeconds` -> `statefulset.podTemplate.spec.terminationGracePeriodSeconds`
-  - `statefulset.extraVolumes` -> `statefulset.podTemplate.spec.volumes`
-  - `statefulset.extraVolumesMounts` -> `statefulset.podTemplate.spec.containers[*].volumeMounts`
-  - `statefulset.initContainers.*.extraVolumesMounts` -> `statefulset.podTemplate.spec.initContainers[*].volumeMounts`
-  - `statefulset.initContainers.*.resources` -> `statefulset.podTemplate.spec.initContainers[*].resources`
-  - `statefulset.initContainers.extraInitContainers` -> `statefulset.podTemplate.spec.initContainers`
-  - `statefulset.sidecars.configWatcher.extraVolumeMounts` -> `statefulset.podTemplate.spec.containers[*].volumeMounts`
-  - `statefulset.sidecars.configWatcher.resources` -> `statefulset.podTemplate.spec.containers[*].resources`
-  - `statefulset.sidecars.configWatcher.securityContext` -> `statefulset.podTemplate.spec.containers[*].securityContext`
-  - `statefulset.sidecars.controllers.resources` -> `statefulset.podTemplate.spec.containers[*].resources`
-  - `statefulset.sidecars.controllers.securityContext` -> `statefulset.podTemplate.spec.containers[*].securityContext`
-  - `statefulset.sidecars.extraVolumeMounts` -> `statefulset.podTemplate.spec.containers[*].volumeMounts`
-  - `statefulset.sidecars.resources` -> `statefulset.podTemplate.spec.containers[*].resources`
-  - `statefulset.sidecars.securityContext` -> `statefulset.podTemplate.spec.containers[*].securityContext`
-* Removed regex validation of all image tags.
-* The unrespected`kafkaEndpoint` listener parameter has been removed from `values.yaml`
-### Fixed
-* Reverse order of applying resources to first create ClusterRole and then ClusterRoleBinding.
-  When Redpanda custom resource has enabled RBAC the reconciliation was blocked due
-  ClusterRoleBinding referencing not yet created ClusterRole.
-
-* Fixed an issue where not explicitly specifying a SASL auth mechanism when SASL is enabled caused Console to fail to start up.
-* Prevent broker nodes from restarting when solely the cluster replica amount changes
-* `authentication_method` is no longer set on `http_api` as redpanda itself does not support authentication on the http API.
-* Fixed rack awareness by mounting a service account token to the initcontainer when rack awareness is enabled.
-* Broken `Issuer`s and `Certificate`s are no longer needlessly generated when `tls.<cert>.issuerRef` is provided.
-* Fixed the security contexts' of `set-datadir-ownership` and `set-tiered-storage-cache-dir-ownership`.
-* The `schema_registry_client` and `pandaproxy_client` stanzas of `redpanda.yaml`
-  now respect `listeners.kafka.tls.trustStore`, when provided.
-  See also [helm-chart 1573 issue](https://github.com/redpanda-data/helm-charts/issues/1573).
-
-* Corrected naming of `Role`s to use Fullname instead of Name, which ensures they are unique within their namespace.
-* Updated naming of `ClusterRole`s to include the release namespace. This ensures that they are unique per release and permits installing the chart with the same name across different namespaces.
-
 ## [v25.1.1-beta3](https://github.com/redpanda-data/redpanda-operator/releases/tag/charts%2Fredpanda%2Fv25.1.1-beta3) - 2025-05-06
 ### Added
 * Added a chart wide `podTemplate` field which may be used to control Pod attributes chart wide.

@@ -5,16 +5,6 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/)
 and is generated by [Changie](https://github.com/miniscruff/changie).
 
 
-## Unreleased
-### Added
-* Added support for casting to and from aliased struct types.
-
-  ```go
-  type MySpecialType SomeOtherStruct
-  var x MySpecialType
-  SomeOtherStruct(x)
-  ```
-
 ## v1.1.0 - 2025-04-21
 ### Added
 * Added support for `.Files.Get`, `.Files.GetBytes`, and `.Files.Lines`.

@@ -5,101 +5,6 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/)
 and is generated by [Changie](https://github.com/miniscruff/changie).
 
 
-## Unreleased
-### Added
-* Added scheduled sync of ghost broker decommissioner to ensure it's running, even if no watches trigger the reconciler.
-* v1 operator: ExternalSecretRefSelector is now provided for referring to external secrets in `clusterConfiguration`. This has an `optional` flag which is honoured if present - it turns errors into warnings if the secret can't be looked up.
-* Added full lifecycle management support for v1alpha2/Redpanda resources by changing all StatefulSets to leverage OnDelete. Additionally, introduce NodePool statuses to the Redpanda structure and deprecate all old Flux-based status fields.
-* statefulset.initContainers.configurator.additionalCLIArgs is added to the helm values, to enable the init container to construct an external secret evaluator.
-
-In the v2 operator, this value is defaulted from the operator's settings.
-* Add option to the operator installation to install CRDs as part of the helm install process.
-* The annotation `operator.redpanda.com/config-sync-mode: Declarative` may be added to a Redpanda resource to control the mode in which cluster configuration is updated. `Declarative` mode will *remove* any configuration that's not specified on the resource. The default behaviour is `Additive`, wich preserves the current overwrite-only mode.
-### Changed
-* [Chart] Moved all template rendering into `entry-point.yaml` to match the redpanda and console charts.
-* `values.schema.json` is now "closed" (`additionalProperties: false`)
-
-  Any unexpected values will result in a validation error,previously they would
-  have been ignored.
-* The redpanda operator's helm chart has been merged into the operator itself.
-
-  Going forward the chart's `version` and `appVersion` will always be equal.
-* `rbac.createRPKBundleCRs` now defaults to `true`.
-* The operator will now populate `.Statefulset.SideCars.Image`, if unspecified, with it's own image.
-
-  The image and tag may be controlled with pre-existing
-  `--configurator-base-image` and `--configurator-tag` flags, respectively.
-
-  The previous behavior was to defer to the default of the redpanda chart which
-  could result in out of sync RBAC requirements or regressions of
-  sidecar/initcontainer behavior, if using an older redpanda chart.
-* Bootstrap expansion in the v2 operator's initContainer now uses CEL-patching for its expansion, much like the v1 operator.
-
-* It is not the case that the OperatorQuiescent condition for the v1 operator cannot be True unless the ClusterConfigured condition is also True.
-
-The status.observedGeneration will only update when the cluster reaches the OperatorQuiescent state.
-* The operator will try stripping off a layer of quotation from configuration values when interpreting numeric and boolean values. These may be accidentally introduced upstream of the CR, but where the intent is obvious we don't need to be strict about it.
-* The `Redpanda` controller will now unconditionally re-queue for reconciliation periodically. This permits it to pick up configuration changes in external secrets.
-### Deprecated
-* v1 operator: the `clusterConfiguration` field `ExternalSecretRef` is deprecated in favour of `ExternalSecretRefSelector`. Since this field was extremely new, it will be removed in the very near future.
-### Removed
-* Removed bundled FluxCD controllers, bundled FluxCD CRDs, and support for delegating control to FluxCD.
-
-  Previously reconciled FluxCD resources (`HelmRepository`, `HelmRelease`)
-  will **NOT** be garbage collected upon upgrading. If the operator is
-  coexisting with a FluxCD installation, please take care to manually remove
-  the left over resources.
-
-  `chartRef.useFlux: true` and `chartRef.chartVersion` are no longer
-  supported. The controller will log errors and abort reconcilation until the
-  fields are unset. Ensure that both have been removed from all `Redpanda`
-  resources before upgrading.
-
-  All other `chartRef` fields are deprecated and are no longer referenced.
-
-  `helmRelease`, `helmReleaseReady`, `helmRepository`, `helmRepositoryReady`,
-  and `upgradeFailures` are no longer set on `RedpandaStatus`, similar to their
-  behavior when `useFlux: false` was set.
-* `gcr.io/kubebuilder/kube-rbac-proxy` container is deprecated and has been removed from the Redpanda
-operator helm chart. The same ports will continue to serve metrics using kubebuilder's built in RBAC.
-
-  Any existing prometheus rules don't need to be adjusted.
-
-  For more details see: https://github.com/kubernetes-sigs/kubebuilder/discussions/3907
-
-* The V1 operator now requires a minimum Redpanda version of 23.2; all feature-gated behaviour that supported older versions is now enabled unconditionally.
-* The [`kube-prometheus-stack`](https://prometheus-community.github.io/helm-charts) subchart has been removed.
-
-  This integration was not being up kept and most use cases will be better served by deploying this chart themselves.
-### Fixed
-* Certificate reloading for webhook and metrics endpoints should now behave correctly.
-* The operator will restart the redpanda cluster on any change to the cluster configuration
-* Expanded the set of rules in both Roles and ClusterRoles to be appropriately in sync with the redpanda helm chart.
-* DeprecatedFullNameOverride was interpreted differently between rendering resources and creating 
-  kafka, admin and schema registry client. Now deprecated fullNameOverride will be used only
-  if correct FullNameOverride is not provided and handled the same way for both
-  client creation and render function.
-* The Redpanda license was not set by operator. Now it will be set in the first reconciliation. After initial setup the consequent license re-set will be reconciled after client-go cache resync timeout (default 10h).
-* The operator now unconditionally produces statefulsets that have environment variables available to the initContainer that are used for CEL-based config patching.
-
-Previously it attempted to leave existing sts resources unpatched if it seemed like they had already been bootstrapped. With the adoption of CEL patching for node configuration, that left sts pods unable to restart.
-* The operator now unconditionally produces an environment for the initContainer that supports CEL-based patching.
-
-This is required to ensure that a pre-existing sts can roll over to new configuration correctly.
-* Improved support for multi-STSes (e.g., multiple NodePools) in the ghost broker decommissioning logic.
-
-- Desired replicas were previously fetched from a single STS, leading to incorrect broker count decisions when multiple STSes were present. Now, the logic accounts for all STSes.
-- Fixed incorrect broker map keying: previously used pod ordinal, which is not unique across STSes (e.g., `blue-0` and `green-0` both mapped to `0`). Switched to using the pod name as the key to correctly distinguish brokers.
-- Disabled ordinal-based broker deletion logic in Operator v1 mode, as it doesn't work reliably in a multi-STS setup.
-
-* Setting `serviceAccount.create` to `false` no longer prevents the Kubernetes ServiceAccountToken volume from being mounted to the operator Pod.
-* updated operator v1 to ignore "cluster.redpanda.com/node-pool-spec" annotation for pod rolls. previously, under certain conditions, the operator started rolling pods if this annotation changed - but there is no need to do so.
-* Added the missing `https` port to the operator Pod that was referenced by the [`ServiceMonitor`](https://github.com/redpanda-data/redpanda-operator/blob/4e34c5ea79b00fa0caeda64955e3291666194274/operator/chart/servicemonitor.go#L42)
-* `get` permissions on `Node` resources is now correctly configured by default.
-
-   `--set rbac.createAdditionalControllerCRs=true` is no longer required for rackawareness to work.
-* Fixed a bug where pods would be restarted indefinitely in the case of config version changes when syncing cluster configuration.
-
 ## [v25.1.1-beta3](https://github.com/redpanda-data/redpanda-operator/releases/tag/operator%2Fv25.1.1-beta3) - 2025-05-07
 ### Added
 * Added scheduled sync of ghost broker decommissioner to ensure it's running, even if no watches trigger the reconciler.