Skip to content

Changelog

This page tracks changes between SPOG releases, focused on what operators need to know when upgrading. Breaking changes always come first, each with the required action.

1.1.0 — upgrading from 1.0.0

Breaking changes

NATS WebSocket is now proxied at /ws on the UI origin

The browser connects to the NATS WebSocket on the same host and port as the Glass UI, at the /ws path. The nginx server inside the glass-ui pod forwards these connections to NATS internally. The dedicated NATS WebSocket NodePort/LoadBalancer service (glass-nats-websocket) and the /config/nats.json mechanism have been removed.

Action required

  • Remove ui.config.nats.serverUrl overrides from your Helm values and install commands (e.g. --set "ui.config.nats.serverUrl=ws://${NODE_IP}:31222"). The value is no longer read; the WebSocket URL is derived from the browser's address bar.
  • Remove the nats.websocket section from your values if present. The Helm schema rejects it; there is no dedicated WebSocket service anymore.
  • Close firewall rules for the old WebSocket NodePort (default 31222). Only the UI port needs to be reachable.
  • Port-forward users: a single kubectl port-forward svc/glass-ui 8080:80 now suffices; the second forward to glass-nats is obsolete.

See WebSocket Connectivity Changes for the full migration guide, including TLS termination without an ingress controller.

New features

  • ArgoCD deployment support. Setting global.argocd.enabled: true turns the secret generator Jobs into ArgoCD sync hooks and makes secret generation compatible with helm template-based rendering. See Deploying via ArgoCD. No action needed for Helm-based deployments.
  • Automatic CloudControl NATS secret detection. SPOG now accepts both the legacy (nats-spog-internal, nats-secrets) and modern (nats-spog-internal-ccsm, nats-secrets-ccsm) secret names produced by different CloudControl versions, preferring the -ccsm variant when both exist. No configuration needed on upgrade.

1.0.0 — 2026-03-16

Initial release.