The ingress-nginx ingress implementation is the standard ingress in the Kubernetes community, and it doesn't make sense for us to stray from that just to utilize the k3s default.
In the future, we might drop k3s, but this works well for now.
While using create is more correct, logs in Dokku are considered ephemeral, and thus shouldn't be considered subject to the more comprehensive log retention standards one might require out of a logging system.
By switching to copytruncate, we can ensure that logs mounted from within containers do not have that matched the old settings (closes#6633) and cases where the log file is written by a user other than the one specified in the old logrotate settings (closes#4000).
Rather than require a heavy chown operation across various paths, just chown the files already in the built image during the release process. This ensures we can skip not-only the chown process during the container start that herokuish injects, but also the one that Dokku runs which modifies mounted container paths as well during the pre-deploy.
Note that users will need to ensure any mounted volumes don't have permissions reset by other processes or containers won't be able to access them.
Setting a priority appears to cause minor outages in certain cases, so we should just avoid setting it on behalf of users and allow them to set this directly.
Domains cannot be reused across ingress objects, and port maps are a function of a domain, so the inversion here makes most sense (at the cost of some downtime when migrating.
Images would build but then fail to be tagged, causing deployment problems on arm64 architectures for a small number of images.
Also fix a minor issue in the nixpacks builder that caused any pre-release-builder triggers that consumed the image to get an empty string instead.
If keda is not installed, warn the user that it isn't installed and ignore the rest.
Ignoring the error here is fine as it gives the user context but doesn't block a deploy.
# History
## 0.33.8
Install/update via the bootstrap script:
```shell
wget -NP . https://dokku.com/install/v0.33.8/bootstrap.sh
sudo DOKKU_TAG=v0.33.8 bash bootstrap.sh
```
### Bug Fixes
- #6675: @josegonzalez Remove the need for executing crontab as root
- #6660: @josegonzalez Handle case where systemctl isn't in /usr/bin
- #6659: @josegonzalez Add missing cron:set command
- #6658: @josegonzalez Execute go get/build with mod in readonly mode
- #6642: @josegonzalez Use correct annotations key for the ingress chart
- #6631: @josegonzalez Correctly use cache volume for herokuish builds
- #6629: @josegonzalez Use smaller reference to image pull secrets in secret naming
- #6628: @josegonzalez Ensure non-web processes do not attempt to perform web logic in k3s templates
- #6623: @josegonzalez Do not allow reusing the same scheme:host-port mappings when setting ports
- #6624: @taraszka Install jq in vagrant vm
- #6614: @josegonzalez Correct issue where --force-tty was not properly supported by run:detached calls
### New Features
- #6673: @josegonzalez Add image version as label to built images
- #6640: @josegonzalez Add initial support for injecting keda addons
- #6662: @josegonzalez Allow limiting letsencrypt to certain domains when using openresty as a proxy
- #6643: @josegonzalez Add ability to add extra labels
- #6639: @josegonzalez Add support for setting underscores-in-headers for nginx, openresty, and k3s
- #6634: @josegonzalez feat: install keda addon in k3s cluster
- #6616: @josegonzalez Ensure referenced images get updated by dependabot
- #6613: @josegonzalez Add a helper binary to deploy a test app for local development
### Refactors
- #6644: @josegonzalez Only apply the cluster issuers helm chart when setting letsencrypt properties
- #6641: @josegonzalez Rename image pull secrets to standardize on secret naming pattern
- #6626: @josegonzalez Copy code into initial base image via docker build
### Documentation
- #6656: @holamendi Fix typo in builder management docs
- #6652: @Calyhre Added dokku-mdns to list of community plugins
- #6649: @undercontr Added detach flag to Docker installation documentation
### Dependencies
- #6671: @josegonzalez Update dokku dependencies
- #6672: @dependabot[bot] chore(deps): bump golang from 1.22.0 to 1.22.1 in /tests/apps/go-fail-predeploy
- #6670: @dependabot[bot] chore(deps): bump google.golang.org/grpc from 1.62.0 to 1.62.1 in /tests/apps/gogrpc
- #6669: @dependabot[bot] chore(deps): bump google.golang.org/protobuf from 1.32.0 to 1.33.0 in /tests/apps/gogrpc
- #6668: @dependabot[bot] chore(deps): bump golang from 1.22.0 to 1.22.1 in /tests/apps/zombies-dockerfile-tini
- #6667: @dependabot[bot] chore(deps): bump golang from 1.22.0 to 1.22.1 in /tests/apps/gogrpc
- #6664: @dependabot[bot] chore(deps): bump golang from 1.22.0 to 1.22.1 in /tests/apps/go-fail-postdeploy
- #6666: @dependabot[bot] chore(deps): bump pyparsing from 3.1.1 to 3.1.2 in /docs/_build
- #6665: @dependabot[bot] chore(deps): bump mkdocs-material from 9.5.12 to 9.5.13 in /docs/_build
- #6663: @dependabot[bot] chore(deps): bump golang from 1.22.0 to 1.22.1 in /tests/apps/zombies-dockerfile-no-tini
- #6661: @josegonzalez Bump go modules
- #6654: @dependabot[bot] chore(deps): bump pymdown-extensions from 10.7 to 10.7.1 in /docs/_build
- #6653: @dependabot[bot] chore(deps): bump golang.org/x/crypto from 0.20.0 to 0.21.0 in /plugins/common
- #6651: @dependabot[bot] chore(deps): bump python-dateutil from 2.9.0 to 2.9.0.post0 in /docs/_build
- #6648: @dependabot[bot] chore(deps): bump python-dateutil from 2.8.2 to 2.9.0 in /docs/_build
- #6645: @dependabot[bot] chore(deps): bump rack from 2.2.8 to 2.2.8.1 in /tests/apps/ruby
- #6646: @dependabot[bot] chore(deps): bump mkdocs-material from 9.5.11 to 9.5.12 in /docs/_build
- #6638: @josegonzalez chore: bump go modules
- #6635: @dependabot[bot] chore(deps): bump tj-actions/changed-files from 42.0.4 to 42.0.5
- #6636: @dependabot[bot] chore(deps): bump timberio/vector from 0.36.X-debian to 0.36.0-debian in /plugins/logs
- #6637: @dependabot[bot] chore(deps): bump golang.org/x/crypto from 0.19.0 to 0.20.0 in /plugins/common
- #6619: @dependabot[bot] chore(deps): bump traefik from v2.10 to 2.11 in /plugins/traefik-vhosts
- #6622: @josegonzalez chore(deps): bump timberio/vector from 0.35.X-debian to 0.36.X-debian in /plugins/logs
- #6618: @dependabot[bot] chore(deps): bump mkdocs-material from 9.5.10 to 9.5.11 in /docs/_build
- #6621: @dependabot[bot] chore(deps): bump byjg/easy-haproxy from 4.3.0 to 4.4.0 in /plugins/haproxy-vhosts
- #6610: @dependabot[bot] chore(deps): bump helm.sh/helm/v3 from 3.14.1 to 3.14.2 in /plugins/scheduler-k3s
This was done by design previously - to fix an issue with RHEL not allowing running crontab as the current user - but is no longer necessary with the removal of non-Debian platform support.
The newer version is pulled by something in k3s and somehow is - probably through workspace magic - pulled into the config plugin tests. We pin to the older version since parsing changed at some point, which will cause issues for users.
A future update should move this to the latest version and cause a BC break, but for now lets pin as expected.
